CompTIA Network+ Chapters 6 and 7
What are the steps in the encapsulation process?
1. User information is converted to data for transmission on the network. 2. Data is converted to segments, and a reliable connection is set up between the transmitting and receiving hosts. 3. Segments are converted to packets or datagrams, and a logical address is placed in the header so each packet can be routed through an internetwork. 4. Packets or datagrams are converted to frames for transmission on the local network. Hardware (Ethernet) addresses are used to uniquely identify hosts on a local network segment. 5. Frames are converted to bits, and a digital encoding and clocking scheme is used.
Fast Ethernet
100Base-T. A networking standard that supports data transfer rates up to 100 Mbps (100 megabits per second). Because it is 10 times faster than Ethernet, it is often referred to as Fast Ethernet. Officially, the 100BASE-T standard is IEEE 802.3u. Like Ethernet, 100BASE-T is based on the CSMA/CDLAN access method.
When was TCP first introduced?
1974
When was TCP divided into the two distinct protocols of TCP and IP?
1978
octet
8 bits. It is equivalent to a byte, as long as the byte is also 8 bits. Bytes range from 4 - 10 bits, but octets are always 8 bits.
Wireless 802.11
802.11 and 802.11x refers to a family of specifications developed by the IEEE for wireless LAN (WLAN) technology. 802.11 specifies an over-the-air interface between a wireless client and a base station or between two wireless clients. The IEEE accepted the specification in 1997.
What are some advantages of FTP?
Faster than email. Good for sending large files over 10 MB. Because it uses TCP and is connection-oriented, if the session dies, FTP can sometimes start up where it left off.
FTP (20, 21)
File Transfer Protocol. The protocol for exchanging files over the Internet. Most commonly used to download a file from a server using the Internet or to upload a file to a server (e.g., uploading a Web page file to a server).
hardware address
Hard-coded on a network interface card (NIC) and used for finding hosts on a local network.
serial
One by one. Serial data transfer refers to transmitting data one bit at a time. The opposite of serial is parallel, in which several bits are transmitted concurrently.
connection-oriented service
One of two techniques used in data communications to transfer data at the Transport Layer (Layer 4). Requires a session connection be established before any data can be sent with a direct physical connection between the sessions. This often considered to be a more reliable network service than the alternative, connectionless service.
What is the difference between FTP as a protocol and FTP as a program?
Operating as a protocol, FTP is used by applications. As a program, it's employed by users to perform file tasks by hand.
How are port numbers assigned?
Originating source port numbers are dynamically assigned by the source host and will usually have a value of 1024 or higher. Ports 1023 and below are defined in RFC 3232, which discusses what are called well-known port numbers. Virtual circuits that don't use an application with a well-known port number are assigned port numbers randomly from a specific range instead. These port numbers identify the source and destination application or process in the TCP segment.
frame
PDU at the data link layer. Both a header and a trailer are added to the packet, which makes the data resemble bookends or a frame.
How is PPP an improvement over SLIP?
PPP is better engineered, has more features, and does not require a static IP address configuration.
POP2
Post Office Protocol 2. Became a standard in the mid-80's and requires SMTP to send messages.
POP3
Post Office Protocol 3. A new version of POP that can be used with or without SMTP.
POP
Post Office Protocol. A protocol used to retrieve e-mail from a mail server. Most e-mail applications (sometimes called an e-mail client) use the POP protocol, although some can use the newer IMAP.
What are the four layers of the DOD Model?
Process/ Application layer Host-to-Host layer Internet layer Network Access layer
PDU
Protocol Data Unit. The term used to describe data as it moves from one layer of the OSI model to another. In this reference, PDU is often used synonymously with packet. These hold the control information attached to the data at each layer of the model. They're usually attached to the header in front of the data field but can also be in the trailer.
parity
Quality of being either odd or even. The fact that all numbers have a parity is commonly used in data communications to ensure the validity of data. This is called parity checking.
RTP (5004/ 5005)
Real-Time Transport Protocol. An Internet protocol for transmitting real-time data such as audio and video. RTP itself does not guarantee real-time delivery of data, but it does provide mechanisms for the sending and receiving applications to support streaming data. Typically, RTP runs on top of the UDP protocol, although the specification is general enough to support other transport protocols. Although initially designed as a multicast protocol, it's now used for unicast applications. It's commonly employed for streaming media, videoconferencing, and push-to-talk systems— all things that make it a de facto standard in Voice over IP (VoIP) industries.
What is IP addressing designed to do?
To allow hosts on one network to communicate with a host on a different network regardless of the type of LANs the hosts are participating in.
What is the main purpose of the host-to-host layer?
To shield the upper-layer applications from the complexities of the network.
traceroute
Traceroute uses IP packet Time-to-Live time-outs to discover the path a packet takes as it traverses an internetwork.
How does TCP work?
Transmission Control Protocol (TCP) takes large blocks of information from an application and breaks them into segments. It numbers and sequences each segment so that the destination's TCP process can put the segments back into the order the application intended. After these segments are sent, TCP (on the transmitting host) waits for an acknowledgment from the receiving end's TCP process, retransmitting those segments that aren't acknowledged.
TCP
Transmission Control Protocol. TCP is one of the main protocols in TCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and also guarantees that packets will be delivered in the same order in which they were sent. A full-duplex, connection-oriented, reliable, and accurate protocol.
TCP/IP
Transmission Control Protocol/Internet Protocol. The basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network (either an intranet or an extranet).
MILNET
Military Network. The name given to the part of the ARPANET internetwork designated for unclassified United States Department of Defense traffic.
DOD network access layer (1)
Monitors the data exchange between the host and the network. Oversees hardware addressing. Defines protocols for the physical transmission of data.
What are the normal file size limits for sending over email?
Most ISP have a limit of 10 MB.
network control protocol
NCP was an early protocol implemented by ARPANET, the world's first operational packet-switching network that later evolved into what became the Internet.
NetBIOS (137- 139)
Network Basic Input Output System. An API that augments the DOS BIOS by adding special functions for local-area networks (LANs). Almost all Windows-based LANs for PCs are based on the NetBIOS. Only in the upper layers of the OSI model and allows for an interface on separate computers to communicate over a network. Microsoft is the defacto version. Based on the SMB format.
NFS
Network File System. A client/server application designed by Sun Microsystems that allows all network users to access shared files stored on computers of different types. NFS provides access to shared files through an interface called the Virtual File System (VFS) that runs on top of TCP/IP. Users can manipulate shared files as if they were stored locally on the user's own hard disk.
NAT
Network address translation. An Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.
packets
A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.
TLS handshake protocol
Allows authentication between the server and client and the negotiation of an encryption algorithm and cryptographic keys before the application protocol transmits or receives any data.
If you can ping a device with an IP address but can't use its FQDN, what might this be an indication of?
A DNS configuration failure.
bit
A bit is one binary digit, either a 1 or a 0.
byte
A byte is 7 or 8 bits, depending on whether parity is used.
virtual circuit
A connection between two devices that acts as though it's a direct connection even though it may physically be circuitous. The term is used most frequently to describe connections between two hosts in a packet-switching network. In this case, the two hosts can communicate as though they have a dedicated connection even though the packets might actually travel very different routes before arriving at their destination.
packet
A container or box that carries data over a TCP/IP network and internetworks. A packet is the most fundamental logical arbitration of data that is passed over a network.
datagram
A data packet that is sent over an IP network.
reliable transport operation
A device that wants to transmit sets up a connection-oriented communication with a remote device by creating a session. The transmitting device first establishes a connection-oriented session with its peer system; that session is called a call setup or a three-way handshake. Data is then transferred, and when the transfer is complete, a call termination takes place to tear down the virtual circuit.
mask
A filter that selectively includes or excludes certain values. For example, when defining a database field, it is possible to assign a mask that indicates what sort of value the field should hold. Values that do not conform to the mask cannot be entered.
Ethernet
A local-area network (LAN) architecture developed by Xerox Corporation in cooperation with DEC and Intel in 1976. Ethernet uses a bus or star topology and supports data transfer rates of 10 Mbps. The Ethernet specification served as the basis for the IEEE 802.3 standard, which specifies the physical and lower software layers. Ethernet uses the CSMA/CD access method to handle simultaneous demands. It is one of the most widely implemented LAN standards.
subnet mask
A mask used to determine what subnet an IP address belongs to.
windowing flow control
A method of flow control in which a receiver gives a transmitter permission to transmit data until a window is full. When the window is full, the transmitter must stop transmitting until the receiver advertises a larger window.
sequence packet protocol
A networking protocol that provides reliable transport of packets with flow control in environments where multiple transport connections are established.
subnet
A portion of a network that shares a common address component. On TCP/IP networks, subnets are defined as all devices whose IP addresses have the same prefix. For example, all devices with IP addresses that start with 100.100.100. would be part of the same subnet. Dividing a network into subnets is useful for both security and performance reasons. IP networks are divided using a subnet mask.
RDP (3389)
A proprietary protocol developed by Microsoft. It allows you to connect to another computer and run programs. RDP operates somewhat like Telnet, except instead of getting a command-line prompt as you do with Telnet, you get the actual graphical user interface (GUI) of the remote computer. A tool for remote clients, allowing them to connect to their work computer from home, get their email or perform work on other applications without running or installing any of the software on their home computer.
Transport Layer Security (995?)
A protocol that guarantees privacy and data integrity between client/server applications communicating over the Internet.
H. 323 (Video) (1720)
A protocol that provides a standard for video on an IP network that defines how real-time audio, video, and data information is transmitted. This standard provides signaling, multimedia, and bandwidth control mechanisms.
NTP (123)
A protocol that's used to synchronize the clocks on our computers to one standard time source (typically, an atomic clock).
baseline
A report delimiting the operational traits of a healthy network.
https (443)
A secure version of HTTP that arms you with security tools for keeping transactions between a web browser and a server secure. It's what your browser needs to fill out forms, sign in, authenticate, and encrypt an HTTP message when you make a reservation or buy something online.
checksum
A simple error-detection scheme in which each transmitted message is accompanied by a numerical value based on the number of set bits in the message. The receiving station then applies the same formula to the message and checks to make sure the accompanying numerical value is the same. If not, the receiver can assume that the message has been garbled.
255.255.255.255
A special broadcast address, which means "this network": it lets you send a broadcast packet to the network you're connected to, without actually caring about its address. All networks and all hosts.
thin protocol
A term for UDP because it takes up fewer network resources/bandwidth than TCP.
Telnet (23)
A user command and an underlying TCP/IP protocol for accessing remote computers. Through Telnet, an administrator or another user can access someone else's computer remotely.
ping
A utility to determine whether a specific IP address is accessible. It works by sending a packet to the specified address and waiting for a reply. PING is used primarily to troubleshoot Internet connections.
127.0.0.1
A virtual address meaning "local host."
software shell
A virtual terminal that can interact with the chosen remote host.
X Windows
A windowing and graphics system developed at the Massachusetts Institute of Technology (MIT). MIT has placed the X-Window source code in the public domain, making it a particularly attractive system for UNIX vendors. Almost all UNIX graphical interfaces, including Motif and OpenLook, are based on X-Window.
Gigabit Ethernet
Abbreviated GbE, a version of Ethernet, which supports data transfer rates of 1 Gigabit (1,000 megabits) per second.
Telnet client
Accesses the resources of the Telnet server.
spooling
Acronym for simultaneous peripheral operations on-line, spooling refers to putting jobs in a buffer, a special area in memory or on a disk where a device can access them when it is ready. Spooling is useful because devices access data at different rates. The buffer provides a waiting station where data can rest while the slower device catches up.
static IP addressing
Adding IP information by hand?
How does ARP work?
Address Resolution Protocol finds the hardware address of a host from a known IP. When IP has a datagram to send, it must inform a Network Access protocol, such as Ethernet or Token Ring, of the destination's hardware address on the local network. (It has already been informed by upper-layer protocols of the destination's IP address.) If IP doesn't find the destination host's hardware address in the ARP cache, it uses ARP to find this information. As IP's detective, ARP interrogates the local network by sending out a broadcast asking the machine with the specified IP address to reply with its hardware address. So basically, ARP translates the software (IP) address into a hardware address.
ARP
Address Resolution Protocol. A network layer protocol used to convert an IP address into a physical address (called a DLC address), such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.
private IP address
Addresses that can be used on a private network, but they're not routable through the Internet.
In the Ethernet header, a destination of all Fs in hex (all 1s in binary) in a hardware-address broadcast, is used to make sure what happens?
All devices on the local link receive the request.
dual stacking
Allows a device to have both the IPv4 and IPv6 protocol stacks running so it's capable of continuing on with its existing communications and simultaneously running newer IPv6 communications as they're implemented.
What are some of the things FTP does?
Allows for access to both directories and files and can accomplish certain types of directory operations, such as relocating files into different directories. Listing and manipulating directories, typing file contents, and copying files between hosts. It can't execute remote files as programs.
stateless autoconfiguration
Allows the various devices attached to an IPv6 network to connect to the Internet using the Stateless Auto Configuration without requiring any intermediate IP support in the form of a Dynamic Host Configuration Protocol (DHCP) server. Allows devices on a network to address themselves with a link-local unicast address as well as with a global unicast address.
layer 2 broadcasts
Also known as hardware broadcasts— they only go out to all nodes on a LAN, and they don't go past the LAN boundary (router). The typical hardware address is 6 bytes (48 bits) and looks something like 0c. 43. a4. f3.12. c2. The broadcast would be all 1s in binary, which would be all Fs in hexadecimal, as in FF.FF.FF.FF.FF.FF.
Kerberos authentication
An authentication system developed at the Massachusetts Institute of Technology (MIT). Kerberos is designed to enable two parties to exchange private information across an otherwise open network. It works by assigning a unique key, called a ticket, to each user that logs on to the network. The ticket is then embedded in messages to identify the sender of the message.
port
An endpoint to a logical connection and the way a client program specifies a specific server program on a computer in a network. A number that identifies one side of a connection between two computers. Computers use port numbers to determine to which process or application a message should be delivered.
IP address
An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. A numeric identifier assigned to each machine on an IP network. It designates the specific location of a device on the network. A logical address (versus physical) used to define a single host; however, IP addresses can be used to reference many or all hosts as well.
API
Application program interface. A set of routines, protocols, and tools for building software applications. The API specifies how software components should interact and APIs are used when programming graphical user interface (GUI) components. A good API makes it easier to develop a program by providing all the building blocks. A programmer then puts the blocks together.
What would happen if there wasn't a single network interface to the upper layers from the internet layer?
Application programmers would need to write what are called hooks into every one of their applications for each different Network Access protocol. This would lead to different versions of each application— one for Ethernet, another one for Token Ring, etc. To prevent this, IP provides one single network interface for the upper-layer protocols.
When did DOD publish their first Request for Comments (RFC) related to the Internet and its protocols.
April 1969
APIPA
Automatic Private IP Addressing. A feature of later Windows operating systems. With APIPA, DHCP clients can automatically self-configure an IP address and subnet mask when a DHCP server isn't available. When a DHCP client boots up, it first looks for a DHCP server in order to obtain an IP address and subnet mask.
bootstrap protocol
BOOTP. An Internet protocol that enables a diskless workstation to discover its own IP address, the IP address of a BOOTP server on the network, and a file to be loaded into memory to boot the machine. This enables the workstation to boot without requiring a hard or floppy disk drive.
How does IMAP work?
Because Internet Message Access Protocol (IMAP) makes it so you get control over how you download your mail, with it, you also gain some security. It lets you peek at the message header or download just a part of a message. With it, you can choose to store messages on the email server hierarchically and link to documents and user groups. Gives you search commands to use to hunt for messages based on their subject, header, or content. Supports the Kerberos authentication. IMAP4 is latest version.
BSD
Berkeley Software Distribution (BSD) is a Unix operating system derivative developed and distributed by the Computer Systems Research Group (CSRG) of the University of California, Berkeley, from 1977 to 1995. Today the term "BSD" is often used non-specifically to refer to any of the BSD descendants which together form a branch of the family of Unix-like operating systems.
10.255.255.255
Broadcasts to all subnets and hosts on network 10.0.0.0.
CSMA/CD
Carrier Sense Multiple Access / Collision Detection. A set of rules determining how network devices respond when two devices attempt to use a data channel simultaneously (called a collision).
What are the different classes of network addresses?
Class A - 10.0.0.0 - 10.255.255.255/8 Class B - 172.16.0.0 - 172.31.255.255/12 Class C - 192.168.0.0 - 192.168.255.255
multicast
Class D. These are packets sent from a single source and transmitted to many devices on different networks. Referred to as one-to-many. Enables multiple recipients to receive messages without flooding the messages to all hosts on a broadcast domain. This is not the default behavior— needs to be configured correctly.
anycast
Communication that takes place over a network between a single sender and the nearest of a group of receivers. Anycast is used in IPv6 as a method of updating routing tables. One host initiates an update of a router table for a group of hosts, sending the data to the nearest host. That host then sends the message on to its nearest router until all the routing tables in that group are updated. One to nearest.
How are IP addresses configured?
Consists of 32 bits of information. These bits are divided into four sections, referred to as octets or bytes, and four octets sum up to 32 bits (8 × 4 = 32). You can depict an IP address using one of three methods: Dotted-decimal, as in 172.16.30.56 Binary, as in 10101100.00010000.00011110.00111000 Hexadecimal, as in AC. 10.1E. 38
Who created TCP/IP?
Created by the Department of Defense (DoD) to ensure and preserve data integrity as well as to maintain communications in the event of catastrophic war.
CRC
Cyclic redundancy check. Aa common technique for detecting data transmission errors. Transmitted messages are divided into predetermined lengths that are divided by a fixed divisor. According to the calculation, the remainder number is appended onto and sent with the message. When the message is received, the computer recalculates the remainder and compares it to the transmitted remainder. If the numbers do not match, an error is detected.
How are DHCP and BootP different?
DHCP differs from Bootstrap Protocol (BootP) in that BootP assigns an IP address to a host but the host's hardware address must be entered manually in a BootP table. You can think of DHCP as a dynamic BootP. BootP is also used to send an operating system that a host can boot from. DHCP can't do that.
What is a key protocol that uses both TCP and UDP?
DNS.
Domain Name Service (53)
DNS. An Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.example.com might translate to 198.105.232.4.
DLC
Data Link Control. The second lowest layer in the OSI Reference Model. Every network interface card (NIC) has a DLC address or DLC identifier (DLCI) that uniquely identifies the node on the network. Some network protocols, such as Ethernet and Token-Ring use the DLC addresses exclusively. Other protocols, such as TCP/IP, use a logical address at the Network Layer to identify nodes. Ultimately, however, all network addresses must be translated to DLC addresses. In TCP/IP networks, this translation is performed with the Address Resolution Protocol (ARP).
DOD Process/Application Layer (4)
Defines protocols for node-to-node application communication. Controls user interface specifications.
destination port number
Defines the upper-layer process (application) that the data stream is handed to when the data stream is reliably rebuilt on the receiving host.
What does the transport layer use port numbers for?
Defines virtual circuit. Hosts assigns starting with 1024. Defines upper-layer process or application.
DOD host-to-host layer (3)
Defining protocols for setting up the level of transmission services for applications. Responsible for creating reliable end-to-end communication . Responsible for ensuring the error-free delivery of data. Handles packet sequencing. Maintains data integrity.
DOD internet layer (2)
Designates the protocols related to the logical transmission of packets over the entire network. Responsible for the logical addressing of hosts by giving them an IP address. Handles the routing of packets among multiple networks.
load balancing
Distributing processing and communications activity evenly across a computer network so that no single device is overwhelmed. Load balancing is especially important for networks where it's difficult to predict the number of requests that will be issued to a server.
DHCP (67/68)
Dynamic Host Configuration Protocol. A protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.
hops
Each IP datagram is allotted a certain number of routers, called hops, to pass through. If a datagram reaches its limit of hops before arriving at its destination, the last router to receive it deletes it. The executioner router then uses ICMP to send an obituary message, informing the sending machine of the demise of its datagram.
How do PDUs work?
Each PDU attaches to the data by encapsulating it at each layer of the OSI model, and each has a specific name depending on the information provided in each header. This PDU information is read only by the peer layer on the receiving device. After it's read, it's stripped off, and the data is then handed to the next layer up.
flat address
Each designation being used as a unique identifier.
node
Either a connection point, a redistribution point, or a communication endpoint (e.g. data terminal equipment). The definition of a node depends on the network and protocol layer referred to.
frame check sequence
FCS. Refers to the extra error-detecting code added to a frame in a communications protocol.
What do multicast addresses start with in IPv6?
FF.
fully qualified domain name
FQDN. Also called a DNS namespace. A hierarchy that can logically locate a system based on its domain identifier. Consists of a host and domain name, including top-level domain. For example, www.webopedia.com is a fully qualified domain name. www is the host, webopedia is the second-level domain, and.com is the top level domain. A FQDN always starts with a host name and continues all the way up to the top-level domain name, so www.parc.xerox.com is also a FQDN.
http (80)
HyperText Transfer Protocol. The underlying protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. Manages communication between web browsers and web servers. For example, when you enter a URL in your browser, this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page.
What is some of the information a DHCP server can provide to a host when the host is requesting an IP address from the DHCP server?
IP address Subnet mask Domain name Default gateway (routers) DNS Windows Internet Naming Service (WINS) information
What does IP do?
IP looks at each packet's destination address. Then, using a routing table, it decides where a packet is to be sent next, choosing the best path. It receives segments from the Host-to-Host layer and fragments them into packets if necessary. IP then reassembles packets back into segments on the receiving side.
internet protocol
IP. Essentially the Internet layer. The other protocols found here merely exist to support it. IP holds the big picture and is aware of all the interconnected networks. It can do this because all the machines on the network have a software, or logical, address called an IP address.
What are the advantages of IPv6?
IPSec— a feature that provides end-to-end security. Mobility - allows a device to roam from one network to another without dropping connections. More addresses. Efficiency. Doesn't broadcast. It multicasts/unicasts/anycasts.
destination unreachable
If a router can't send an IP datagram any further, it uses ICMP to send a message back to the sender, advising it of the situation.
buffer full
If a router's memory buffer for receiving incoming datagrams is full, it will use ICMP to send out this message until the congestion abates.
What is the disadvantage of flat addressing?
If every address were unique, all routers on the Internet would need to store the address of each and every machine on the Internet.
acknowledgment number (32 bits)
If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always sent.
6to4 tunneling
If you have an all-IPv6 network that must communicate over an IPv4 network to reach another IPv6 network. Take the IPv6 packet that's traveling across the network and sticking an IPv4 header onto the front of it.
When did TCP/IP replace NCP?
In 1983, TCP/ IP replaced the Network Control Protocol (NCP) and was authorized as the official means of data transport for anything connecting to ARPAnet.
link local
In a computer network, a link-local address is a network address that is valid only for communications within the network segment (link) or the broadcast domain that the host is connected to. Link-local addresses are usually not guaranteed to be unique beyond a single network segment.
ICMP
Internet Control Message Protocol. An extension to the Internet Protocol (IP). ICMP supports packets containing error, control, and informational messages. Works at the network layer. A management protocol and messaging service provider for IP. Its messages are carried as IP packets.
IGMP
Internet Group Management Protocol (IGMP) is the TCP/ IP protocol used for managing IP multicast sessions. It accomplishes this by sending out unique IGMP messages over the network to reveal the multicast-group landscape and to find out which hosts belong to which multicast group. Works at the Network layer and doesn't use port numbers.
What two layers of the OSI and DOD models are interchangeable?
Internet Layer = Network Layer Host-to-Host Layer = Transport Layer
IMAP (143)
Internet Message Access Protocol. A protocol for retrieving e-mail messages. The latest version, IMAP4, is similar to POP3 but supports some additional features.
What is the advantage of hierarchical addressing?
It can handle a large number of addresses, namely, 4.3 billion (a 32-bit address space with two possible values for each position— either 0 or 1— gives you 232, or 4,294,967,296).
Why is UDP considered a connectionless protocol?
It doesn't create a virtual circuit, nor does it contact the destination before delivering information to it.
What does SNMP do?
It gathers data by polling the devices on the network from a management station at fixed or random intervals, requiring them to disclose certain information. When all is well, SNMP receives something called a baseline— a report delimiting the operational traits of a healthy network. This protocol can also stand as a watchdog over the network, quickly notifying managers of any sudden turn of events. The network watchdogs are called agents, and when aberrations occur, agents send an alert called a trap to the management station. In addition, SNMP can help simplify the process of setting up a network as well as the administration of your entire internetwork.
What does the Internet layer do when it receives the data stream?
It routes the segments as packets through an internetwork.
The TLS record protocol
Layered on top of a reliable transport protocol, such as TCP, it ensures that the connection is private by using symmetric data encryption and it ensures that the connection is reliable. The TLS Record Protocol also is used for encapsulationof higher-level protocols, such as the TLS Handshake Protocol.
LDAP (389)
Lightweight Directory Access Protocol. A set of protocols for accessing information directories. A directory keeps track of all your network resources, such as devices and users.
LPD
Line printer daemon. A printer protocol that uses TCP/IP to establish connections between printers and workstations on a network. The technology was developed originally for BSD UNIX and has since become the de facto cross-platformprinting protocol.
LLC
Logical link control layer. One of two sublayers that make up the Data Link Layer of the OSI model. The Logical Link Control layer controls frame synchronization, flow control and error checking.
loopback test
Loopback is a communication channel with only one endpoint. TCP/IP networks specify a loopback that allows client software to communicate with server software on the same computer. Users can specify an IP address, usually 127.0.0.1, which will point back to the computer's TCP/IP network configuration. The range of addresses for loopback functionality is the range of 127.0.0.0 to 127.255.255.255. Similar to ping, loopback enables a user to test one's own network to ensure the IP stack is functioning properly.
MIB
Management Information Base. A database of objects that can be monitored by a network management system.
MAC address
Media Access Control address. A hardware address that uniquely identifies each node of a network.
MGCP (Multimedia) (2427/ 2727)
Media Gateway Control Protocol. A control and signal standard to compete with the older H.323 standard for the conversion of audio signals carried on telephone circuits (PSTN ) to data packets carried over the Internet or other packet networks. MGCP can be used to set up, maintain, and terminate calls between multiple endpoints.
logical
Refers to a user's view of the way data or systems are organized. The opposite of logical is physical, which refers to the real organization of a system. For example, a logical description of a file is that it is a collection of data stored together. This is the way files appear to users. Physically, however, a single file can be divided into many pieces scattered across a disk.
static
Refers to elements of the Internet or computer programming that are fixed and not capable of action or change.
connectionless protocol
Refers to network protocols in which a host can send a message without establishing a connection with the recipient. That is, the host simply puts the message onto the network with the destination address and hopes that it arrives. Examples of connectionless protocols include Ethernet, IPX, and UDP. In contrast, connection-oriented protocols require a channel to be established between the sender and receiver before any messages are transmitted.
packet switching
Refers to protocols in which messages are divided into packets before they are sent. Each packet is then transmitted individually and can even follow different routes to its destination. Once all the packets forming a message arrive at the destination, they are recompiled into the original message.
data encapsulation
Refers to sending data where the data is augmented with successive layers of control information before transmission across a network.
half-duplex
Refers to the transmission of data in just one direction at a time.
full-duplex
Refers to the transmission of data in two directions simultaneously. For example, a telephone is a full-duplex device because both parties can talk at once. In contrast, a walkie-talkie is a half-duplex device because only one party can transmit at a time.
Class C network
Reserved for the numerous networks with a small number of hosts.
RARP
Reverse Address Resolution Protocol. A TCP/IP protocol that permits a physical address, such as an Ethernet address, to be translated into an IP address. Hosts such as diskless workstations often only know their hardware interface addresses, or MAC address, when booted but not their IP addresses. They must discover their IP addresses from an external source, usually a RARP server.
What are the two primary functions of the DOD internet layer?
Routing. Providing a single network interface to the upper layers.
Server Message Block (445)
SMB. Used for sharing access to files and printers and other communications between hosts on a Microsoft Windows network. SMB can run on UDP port 137 and 138, and TCP port 137 and 139 using NetBIOS.
What key protocols are used by UDP?
SNMPv1/2 (161) TFTP (69) DNS (53) BOOTPS/DHCP (67,68)
What is the most recent version of SNMP?
SNMPv3. Uses both UDP and TCP. Has more security, message integrity, authentication, and encryption. SNMPv1 and v2 because they are susceptible to a packet sniffer reading the data.
What protocols are used to encrypt packets over the internet and intranets?
SSH (port 22) and HTTPS (port 443).
Secure Sockets Layer (465?)
SSL is a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message.
SYN
SYNchronize and ACKnowledge messages.
SFTP (22)
Secure File Transfer Protocol. A method of transferring files between computers over a secure SSH secure data stream. Also called SSH for Secure Shell.
SSH (22)
Secure Shell. A program to log into another computer over a network, to execute commands in a remote machine, run programs on remote systems, and move files from one machine to another. It provides strong authentication and secure communications over insecure channels.
What are the PDUs called at each layer?
Segment = Transport Packet = Network Frame = Data Link Bits = Physical
What are the key features of TCP?
Sequenced. Reliable. Connection-oriented. Virtual circuit. High overhead. Acknowledgements. Windowing flow control.
SLIP
Serial Line Internet Protocol. A protocol for connection to the Internet via a dial-up connection. Developed in the 80s when modem communications typically were limited to 2400 bps, it was designed for simple communication over serial lines. Works at the Network layer and doesn't use port numbers. Has been replaced by Point-to-Point Protocol (PPP).
SIP (5060/5061)
Session Initiation Protocol. An application-layer control protocol. A signaling protocol for Internet Telephony. SIP can establish sessions for features such as audio/videoconferencing, interactive gaming, and call forwarding to be deployed over IP networks, thus enabling service providers to integrate basic IP telephony services with Web, e-mail, and chat services.
CIDR
Short for Classless Inter-Domain Routing. IP addressing scheme that replaces the older system based on classes A, B, and C. With CIDR, a single IP address can be used to designate many unique IP addresses. A CIDR IP address looks like a normal IP address except that it ends with a slash followed by a number, called the IP network prefix.For example: 172.200.0.0/16
SMTP (25)
Simple Mail Transfer Protocol. A protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP or IMAP. Uses a spooled, or queued, method of mail delivery.
SNMP (161)
Simple Network Management Protocol. A set of protocols for managing complex networks. SNMP works by sending messages, called protocol data units (PDUs), to different parts of a network. SNMP-compliant devices, called agents, store data about themselves in Management Information Bases (MIBs) and return this data to the SNMP requesters.
Class A network
Small number of networks possessing a very large number of hosts.
172.16.255.255
Specifies all subnets and hosts on network 172.16.0.0.
How is a hierarchical IP address structured?
Structured by network and host Structured by network, subnet, and host. Like a telephone number.
subnetting
Subnetting enables the network administrator to further divide the host part of the address into two or more subnets.
decapsulation
Successive layers of data being removed (essentially unwrapped) at the receiving end of a network.
What is the tradeoff between TCP and UDP?
TCP for reliability or UDP for faster transfers.
What are some analogies for UDP and TCP?
TCP is a phone call and UDP is a post card. TCP checks in to acknowledge the other person is there and signs off. UDP writes the message and drops it in the mail.
What does the host-to-host (transport) layer do?
Takes the data stream from the upper layer(s) (4) with any instructions, and begins the process of getting the information ready to send (3). TCP segments the data stream and prepares it for the Internet layer (2).
What key protocols are used by TCP?
Telnet (23) SMTP (25) HTTP (80) FTP (20, 21) SFTP (22) DNS (53) HTTPS (443) SSH (22) SMB (445) POP3 (110) NTP (123) IMAP4 (143) RDP (3389) SNMPv3 (161)
ARPAnet
The Advanced Research Projects Agency Network (ARPANET) was an early packet switching network and the first network to implement the protocol suite TCP/IP. Both technologies became the technical foundation of the Internet.
OSI
The Open Systems Interconnection Model. A conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard for their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols. The model partitions a communication system into abstraction layers.
How long is the TCP header?
The TCP header is 20 bytes long, or up to 24 bytes with options.
What are the two layers of the TLS?
The TLS record protocol. The TLS handshake protocol.
logical address
The address at which an item (memory cell, storage element, network host) appears to reside from the perspective of an executing application program. A logical address may be different from the physical address due to the operation of an address translator or mapping function. An IP address is a logical address.
How does Telnet work?
The client machine emulates a terminal machine directly connected to the local network. Telnet offers no security or encryption and is replaced by Secure Shell (SSH) when security across the remote-configuration session is needed or desired.
encapsulation
The data is wrapped with protocol information at each layer of the OSI model when a host transmits data across a network to another device.
network address
The designation used in routing to send packets to a remote network.
destination port (16 bits)
The destination port number. Where the message is being sent to.
synch packet
The first packet sent across the network when setting up a TCP connection.
default gateway
The gateway in a network that a computer will use to access another network if a gateway is not specified for use. In a network using subnets, the router that forwards traffic to a destination outside of the subnet of the transmitting device.
session
The period of time a user interfaces with an application. The user session begins when the user accesses the application and ends when the user quits the application.
What is the problem with FTP?
The problem with FTP is that all data is sent in clear text, just as with Telnet. If you need to make sure your FTP transfers are secure, then you'll use SFTP.
handshaking
The process by which two devices initiate communications. Handshaking begins when one device sends a message to another device indicating that it wants to establish a communications channel. The two devices then send several messages back and forth that enable them to agree on a communications protocol.
flow control
The process of adjusting the flow of data from one device to another to ensure that the receiving device can handle all of the incoming data. This is particularly important where the sending device is capable of sending data much faster than the receiving device can receive it.
TCP segment
The protocol data unit which consists of a TCP header and an application data piece (packet) which comes from the (upper) Application Layer.
sequence number (32 bits)
The sequence number of the first data octet in this segment (except when SYN is present). If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1.
collision
The situation that occurs when two or more devices attempt to send a signal along the same channel at the same time. The result of a collision is generally a garbled message. All computer networks require some sort of mechanism to either prevent collisions altogether or to recover from collisions when they do occur.
source port (16 bits)
The source port number. The source of the message sender.
bit time
The time it takes for one bit to be ejected from a Network Interface Card (NIC) operating at some predefined standard speed, such as 10 Mbit/s. The time is measured between the time the logical link control layer 2 sublayer receives the instruction from the operating system until the bit actually leaves the NIC.
windowing
The use of windows for the simultaneous display of more than one item on a screen.
Telnet server
Their services are accessed by the Telnet client.
broadcast (layer 3)
These are sent to all nodes on the network.
What characteristics do ICMP packets have?
They can provide hosts with information about network problems. They are encapsulated within IP datagrams.
Why do TCP and UDP use port numbers to communicate with the upper layers?
They're what keep track of different simultaneous conversations originated by or accepted by the local host.
unicast
This is an address for a single interface, and these are used to send packets to a single destination host.
TFTP (69)
Trivial File Transfer Protocol. An Internet software utility for transferring files that is simpler to use than the File Transfer Protocol (FTP) but less capable. It is used where user authentication and directory visibility are not required. TFTP uses the User Datagram Protocol (UDP) rather than the Transmission Control Protocol (TCP). TFTP has no directory-browsing abilities; it can do nothing but send and receive files. This compact little protocol also skimps in the data department, sending much smaller blocks of data than FTP, and there's no authentication as with FTP, so it's insecure. Few sites support it because of the inherent security risks.
How many components does an IP address have?
Two. The network address and the host address.
Where did most of the development work for TCP/IP happen?
UC/Berkeley
What doesn't UDP do?
UDP does not sequence the segments and doesn't care in which order the segments arrive at the destination. UDP sends the segments off and forgets about them. It doesn't follow through, check up on them, or even allow for an acknowledgment of safe arrival. Because of this, it's referred to as an unreliable protocol because it doesn't handle issues of reliability. UDP assumes that the application will use its own reliability method, so it doesn't use any.
What is the difference between link-local and unique local on IPv6?
Unique local can be routed within your organization or company.
What are the key features of UDP?
Unsequenced. Unreliable. Connectionless. No virtual circuit. Low overhead. No acknowledgement. No windowing or flow control.
broadcast address
Used by applications and hosts to send information to all hosts on a network.
What are Numbers 1024 and above used for?
Used by the upper layers to set up sessions with other hosts and by TCP as source and destination identifiers in the TCP segment.
UDP
User datagram protocol. A connectionless protocol that, like TCP, runs on top of IP networks. Unlike TCP/IP, UDP/IP provides very few error recovery services, offering instead a direct way to send and receive datagrams over an IP network. It's used primarily for broadcasting messages over a network.
VOIP
Voice over Internet Protocol is a category of hardware and software that enables people to use the Internet as the transmission medium for telephone calls by sending voice data in packets using IP rather than by traditional circuit transmissions of the public switched telephone network (PSTN).
When is hexadecimal used in an IP address?
WIth IPv6 although still might be used in IP in some programs. For example, XP Windows Registry.
How does POP work?
When a client device connects to a POP3 server, messages addressed to that client are released for downloading. It doesn't allow messages to be downloaded selectively, but once they are, the client-server interaction ends and you can delete and tweak your messages locally at will.
How does data encapsulation work?
When a network device sends a message, the message will take the form of a packet. Each OSI (open system interconnection) model layer adds a header to the packet. The packet is then covered with some information directing it onward to a destination; this is analogous to the address on a letter in which the actual message is carried inside the envelope. Similarly, the message in the packet is encapsulated with some information such as the address of next node, protocol information, the type of data and the source and destination addresses.
When is it better to use UDP rather than TCP?
When using SNMP to monitor. When reliability is already handled at the Process/ Application layer, such as DNS which handles its own reliability.
What two questions must be answered to identify a device on a network?
Which network is it on? The software address, or logical address (the correct street). What is its ID on that network? The hardware address (the correct mailbox).
802.11 IEEE wireless LAN standards
http://www.webopedia.com/TERM/8/802_11.html
Ethernet Designations Chart
http://www.webopedia.com/quick_ref/EthernetDesignations.asp
Well-Known TCP Port Numbers
http://www.webopedia.com/quick_ref/portnumbers.asp