Network+ Guide to Networks - Eighth Edition - Chapter Four
three-way handshake
SYN-> SYN/ACK -> ACK (TCP) Original sequence number becomes the first acknowledgement number, and then the second acknowledgement number becomes the third sequence number. End-to-End reliability Virtual connection
5. What kind of route is created when a network admin configures a route to use a specific path between nodes?
Static Route
6. When a router can't determine a path to a message's destination, where does it send the message?
Gateway of last resort
10. Which two protocols manage neighbor discover process on IPv4 networks?
ICMP and ARP
IS-IS (Intermediate System to Intermediate System)
IGP + link-state routing protocol, similar to OSPF; designed for use on core routers only + can use IPv6; scalable
Spoofing
Impersonating another computer or device by presenting their MAC address
3. At which OSI layer does IP operate?
Layer 3 - Network Layer
4. Which OSI layer is responsible for directing data from one network to another?
Layer 3 - Network Layer
20. Which protocol is supported by ICMPv6 to facilitate neighbor discovery on an IPv6 network?
NDP (Neighbor Discovery Protocol)
14. Which two fields in an Ethernet frame help synchronize device communications but are not counter toward the frame's size?
Preamble + SFD
ARP (Address Resolution Protocol)
Protocol in the TCP/IP suite used with the command-line utility of the same name (arp) to determine the MAC address that corresponds to a particular IP address
Common Routing Protocols
RIP, RIPv2, OSPF, IS-IS, EIGRP, BGP
ARP table or ARP cache
The table in memory that stores IP address to MAC address entries, stored on the hard drive, dynamic and static entries
convergence time
The time it takes for a router to recognize a best path in the event of a change or network outage
Latency
Time it takes for a bit to travel from its sender to its receiver
11. What three characteristics about TCP distinguish it from UDP?
-connection based -slower -reliable
15. What four functions do all routers perform?
1. Connect dissimilar networks. 2. Interpret Layers 3 and 4 addressing and other information. 3. Determine the best path for data to follow. 4. Reroute traffic if a primary path is down but another path is available.
9. What is the Internet standard MTU?
1500 bytes
netstat
A TCP/IP troubleshooting utility that displays statistics and the state of current TCP/IP connections. It also displays ports, which can signal whether services are using the correct ports.
pathping
A Windows utility that combines the functionality of the tracert and ping utilities to provide deeper information about network issues along a route; similar to UNIX's mtr command.
tcpdump
A command-line protocol analyzer. Administrators use it to capture packets.
tracert
A command-line utility used to follow the path a packet takes between two hosts, identifying all intermediate hops
packet sniffer
A device or program that monitors network communications and captures data; like tcpdump
dynamic ARP table entry
A record in an ARP table that is created when a client makes an ARP request that cannot be satisfied by data already in the ARP table.
static ARP table entry
A record in an ARP table that someone has manually entered using the ARP utility. Static ARP table entries remain the same until someone manually modifies them with the ARP utility.
distance-vector routing protocol
A routing protocol that calculates paths based on the distance (or number of hops) and a vector (a direction); RIP, RIPv2, EIGRP
IGP (Interior Gateway Protocol)
A routing protocol used inside an autonomous system by core routers and edge routers
Layer 3 Switch
A switch capable of interpreting Layer 3 data and works much like a router in that it supports the same routing protocols and makes routing decisions.
Layer 4 Switch
A switch capable of interpreting Layer 4 data, which means it can perform advanced filtering, keep statistics, and provide security functions.
link-state routing protocol
A type of routing protocol that enables routers to share information beyond neighboring routers, after which each router can independently map the network and determine the best path between itself and a message's destination node; OSPF + IS-IS
routing cost
A value assigned to a particular route as judged by the network administrator; the more desirable the path, the lower its cost.
7. A routing protocol's reliability and priority are rated by what measurement?
AD
Dynamic Routing
Allows a router to determine the best route between two nodes automatically and then store this information in a routing table.
OSPF (Open Shortest Path First)
An IGP and a link-state routing protocol used on core and edge routers; can co-exist with RIP
RIPv2 (Routing Information Protocol version 2)
An updated version of the original RIP routing protocol that generates less broadcast traffic and functions more securely. RIPv2's packet forwarding is still limited to a maximum 15 hops.
exterior router
Any router outside the organization's AS such as a router on the Internet backbone
8. Which routing protocol does an exterior router use to collect data to build its routing tables?
BGP
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
Carrier Sense - ethernet NIC listening and waiting until no other nodes are transmitting data Multiple Access - several nodes accessing the same network media Collision Detection - what happens when two nodes attempt a transmission at the same time
2. What field in a TCP segment is used to determine if an arriving data unit exactly matches the data unit sent by the source?
Checksum
BGP (Border Gateway Protocol)
Dubbed the "protocol of the Internet," this path-vector routing protocol is the only current EGP and is capable of considering many factors in its routing metrics.
13. What is the difference between dynamic ARP table entries and static ARP table entries?
Dynamic entries are automatically logged by an algorith, static entries are manually logged by an admin
Ethernet II
Ethernet II is the current Ethernet standard; adds both a header and a trailer to the payload, creating an 18 byte frame
1. Which protocol's header would a Layer 4 device read and process?
TCP
16. What database does a router consult before determining the most efficient path for delivering a message?
The Routing Table
MTU (maximum transmission unit)
The largest data unit a router will accept for transmission across the network; default is 1500 bytes
Static Routing
The manual configuration of a router; can't account for occasional network congestion, failed connections or device moves
Routing Protocols
The means by which routers communicate with each other about network status. Routing protocols determine the best path for data to take between nodes.
best path
The most efficient route from one node on a network to another, as calculated by a router; shortest =/= best
RIP (Routing Information Protocol)
The oldest routing protocol that is still widely used, RIP is a distance-vector protocol that uses hop count as its routing metric and allows up to only 15 hops. RIP is slow and less secure.
collision domain
The portion of an Ethernet network in which collisions could occur if two nodes transmit data at the same time; ex: hubs connecting multiple computers in a star-bus topology
Give three examples of routing metrics used by routers to determine the best of various available routing paths
[Pick 3] Hop count, theoretical bandwidth vs actual throughput, path latency (or delay), path load, MTU, cost, reliability, network topology
18. List three IGPs (interior gateway protocols)
[Pick 3] RIP, RIPv2, OSPF, IS-IS, EIGRP
Checksum
a data transmission control that uses a hash of a file to verify accuracy
routing table
a database that holds information about where hosts are located and the most efficient way to reach them
Autonomous System (AS)
a group of net- works, often on the same domain, that are operated by the same organization; a "trusted" network
gateway of last resort
a router that accepts all unroutable messages from other routers
EIGRP (Enhanced Interior Gateway Routing Protocol)
an advanced distance-vector protocol that combines some of the features of a link-state protocol and so is sometimes referred to as a hybrid protocol
jumbo frame
an exception to Ethernet frame limitations; 9198 bytes
AD (administrative distance)
assigned by default, a number idicating the protocol's reliability; lower values = higher priority; can be manually changed
edge routers or border routers
connect an autonomous system with an outside network or an "untrusted" network
router's basic functions
connecting dissimilar networks (LAN and WAN); interpret Layer 3 or Layer 4 data; best path determination; rerouting traffic in case of obstruction
TCP (Transmission Control Protocol)
connection-oriented, sequencing and checksums, flow control
Neighbor Discovery
examining all the devices on a network with ARP/NDP (neighbor discovery protocol)
router's optional functions
filter broadcast transmissions; prevent certain types of traffic from getting to the network; support simultaneous local and remote connectivity; monitor network traffic and report stats; diagnose internal connectivity problems + trigger alarms
core routers or interior routers
located inside networks within the same autonomous system; can only communicate with routers within the same AS
routing metrics
properties of a route: -hop count -theoretical bandwidth vs actual throughput -latency -load/traffic on a path -MTU, packet size allowed -routing cost -reliability of path based on memory of past performance -network topology
EGP (Exterior Gateway Protocol)
routing protocols used by edge routers and exterior routers to distribute data outside of autonomous systems; BGP
19. Which Linux utility provides output similar to Wireshark's?
tcpdumb
flow control
the process of gauging the appropriate rate of transmission based on how quickly the recipient can accept data
default route
the route to use if no other route is a match
12. What process is used to establish a TCP connection?
the three-way handshake
Probes
trial messages that trigger routers along the route to return specific information about its path
collision
when two transmissions from nodes interfere with each other
`route` command
windows: route print linux: route cisco: show ip route
