Intermediate TCP/IP PJC CCNA Semester 2 Ver. 3.0 by William Kelly.
-
Upload
luis-jimenez -
Category
Documents
-
view
218 -
download
0
Transcript of Intermediate TCP/IP PJC CCNA Semester 2 Ver. 3.0 by William Kelly.
Intermediate TCP/IP
PJC CCNA Semester 2 Ver. 3.0by
William Kelly
The TCP/IP Protocol Suite
Standard for Internetwork Communications
TCP/IP closely maps to the OSI model and is helpful in understanding other protocols
TCP/IP includes layer 3 and 4 protocols as well as upper layer protocols
OSI vs. TCP
Application
Presentation
Session
Transport
Network
Data Link
Physical1
2
3
4
5
6
7
Application
Transport
Internet
NetworkInterface
Common TCP Protocols DNS – Domain Name Server WINS – Windows Naming Service HOSTS – Static IP mapping file POP3 – Post Office Protocol SMTP – Simple Mail Transfer Protocol FTP – File Transfer Protocol TFTP – Trivial File Transfer Protocol HTTP – Hypertext Transfer Protocol
Troubleshooting Protocols
Telnet - used for testing the application layer
Packet Internet Groper (ping) – used for lower layer testing
traceroute – used to find a break in the internetwork path between the source and the destination networks
Windows Troubleshooting Protocols
NBSTAT- used to troubleshoot NETBIOS name resolution
NETSTAT – useful to summarize TCP/IP connections
ipconfig/winipcfg – displays the current network settings (IP address of host, mask, gateway, and DNS information)
Transport Layer key points
Protocols (TCP and UDP) Flow Control/Windowing Data Reliability 3-way handshakes Denial of Service Ports
Layer 4: Transport LayerTCP vs. UDP
Connection-oriented Reliable Messages divided
into segments Reassembles at
destination Resends data that is
not acknowledged
Connectionless Unreliable Messages are called
datagrams Software checking of
message delivery No reassembly of
messages No acknowledgements No Flow Control
Transport Layer Protocols: TCP Segment Format
0 168 31
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
HeaderLength (4)
HeaderLength (4) Code Bits (6) Window (16)
Checksum (16) Urgent(16)
Options (0 or 32 if any)
Data (varies)
Transport Layer Protocols: UDP Segment Format
0 168 31Source Port
(16)Destination
Port (16) Length (16) Checksum (16) Data (Variable)
Notice port numbers are used in the formation of both UDP and TCP segments
Flow Control and Windowing Flow control is the regulation of how much
data is sent during a transmission period and windowing is the process of flow control
TCP breaks down large pieces of data into segments suitable for transmission
Windows size determines how many segments can be sent before acknowledgement A sliding window adjusts the number of segments
sent to cope with congestion or slow processing by the destination host
Data ReliabilityReliability is provided in 3 ways:1. Sliding windows
Controls the amount of information transferred Congestion avoidance and control Allows more than one segment to be sent
before acknowledgement Positive acknowledgement with retransmission
2. Synchronization3. Sequence numbers
Sequencing of segments at source before transmission
3 Way Handshakes TCP allows a synchronization process prior
to data transmission that forms a virtual circuit
Sequence numbers included in the handshake assure that positive acknowledgements can be made to the connection request and to transmitted segments (Remember IP provides no verification that data was transmitted successfully)
3 Way Handshakes (cont.)Host A
Host BSendSeq.=x
ReceiveSeq.=xAck X + 1
Send Y
Ack Y + 1
Denial of Service Attacks During Synchronization
Syn Flooding is one type of DOS that uses a false source IP address during a 3 way handshake causing a reply to a non-existent address. This fills up the connection queue and exhausts system resources. Possible defenses include: Decreasing the connection timeout Increasing the size of the connection queue
Ports Ports are represented by a 16 bit number ( 0 -
65,535 possible) Three types of ports are:
Well Known – 0 – 1023 Registered – 1024 – 49,151 Dynamic or Private – 49,152 – 65,535
A port number and an IP address for a socket Usually clients randomly assign source port
numbers Note: Numbers below 255 are for public
applications, numbers between 255 and 1023 are assigned to companies for marketable applications, and numbers above 1023 are unregulated
Important Port Numbers!!
Internet Layer Protocols IP – connectionless best-effort system to
move datagrams to a destination ICMP – Provides control and messaging ARP – Address Resolution Protocol
determines a MAC address for a known IP address
RARP – Reverse Address Resolution Protocol determines an IP address for a known MAC address (diskless workstations)