SlideShare a Scribd company logo

Lecture 2-TCP-IP Protocols (view only).pptx

Download as PPTX, PDF
S
ShaimasafaaldinBahaa1

The document provides a comprehensive overview of TCP/IP protocols, covering key topics such as web and email protocols (HTTP, HTTPS, SMTP, POP, IMAP), DNS for name resolution, DHCP for IP address allocation, and file sharing via FTP and SMB. It highlights the functions and operations of these protocols, ensuring compatibility for successful communication, as well as the roles of ARP and ICMP in address resolution and network messaging. Additionally, it delves into the mechanics of how data is transmitted across networks, including error handling and message formats.

Education
1 of 60
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
TCP/IP PROTOCOLS Dr. Shaima’ Safa aldin Computer Networks’ Protocols
To find out about: 1. Hyper-Text-Transfer & Secure Protocols: HTTP & HTTPS 2. Simple Mail Transfer, Post Office & Internet Message Access Protocols: SMTP, POP & IMAP 3. Domain Name Service: DNS 4. Dynamic Host Control Protocol: DHCP 5. File Transfer Protocol & Server Message Block: FTP & SMB 6. Address Resolution Protocol: ARP 7. IP Control Messaging: ICMP 8. Network & Port Address Translations: NAT & PAT Topic’s objectives
TCP/IP Layer Protocols • The TCP/IP application protocols specify the format and control information necessary for many common internet communication functions. • Application layer protocols are used by both the source and destination devices during a communication session. • For the communications to be successful, the application layer protocols that are implemented on the source and destination host must be compatible.
WEB AND EMAIL PROTOCOLS
Web and Email Protocols Hypertext Transfer Protocol and Hypertext Markup Language When a web address or Uniform Resource Locator (URL) is typed into a web browser, the web browser establishes a connection to the web service. The web service is running on the server that is using the HTTP protocol. To better understand how the web browser and web server interact, examine how a web page is opened in a browser. Step 1 The browser interprets the three parts of the URL: • http (the protocol or scheme) • www.cisco.com (the server name) • index.html (the specific filename requested)
Step 2 The browser then checks with a name server to convert www.cisco.com into a numeric IP address, which it uses to connect to the server. The client initiates an HTTP request to a server by sending a GET request to the server and asks for the index.html file. Step 3 In response to the request, the server sends the HTML code for this web page to the browser. Web and Email Protocols Hypertext Transfer Protocol and Hypertext Markup Language
Step 4 The browser deciphers the HTML code and formats the page for the browser window. Web and Email Protocols Hypertext Transfer Protocol and Hypertext Markup Language
Web and Email Protocols HTTP and HTTPS HTTP is a request/response protocol that specifies the message types used for that communication. The three common message types are GET, POST, and PUT: • GET - This is a client request for data. A client (web browser) sends the GET message to the web server to request HTML pages. • POST - This uploads data files to the web server, such as form data. • PUT - This uploads resources or content to the web server, such as an image. Note: HTTP is not a secure protocol. For secure communications sent across the internet, HTTPS should be used.
Web and Email Protocols Email Protocols Email is a store-and-forward method of sending, storing, and retrieving electronic messages across a network. Email messages are stored in databases on mail servers. Email clients communicate with mail servers to send and receive email. The email protocols used for operation are: • Simple Mail Transfer Protocol (SMTP) – used to send mail. • Post Office Protocol (POP) & IMAP – used for clients to receive mail.
Web and Email Protocols SMTP, POP and IMAP • When a client sends email, the client SMTP process connects with a server SMTP process on well-known port 25. • After the connection is made, the client attempts to send the email to the server across the connection. • When the server receives the message, it either places the message in a local account, if the recipient is local, or forwards the message to another mail server for delivery. • The destination email server may not be online or may be busy. If so, SMTP spools messages to be sent at a later time. Note: SMTP message formats require a message header (recipient email address & sender email address) and a message body.
POP is used by an application to retrieve mail from a mail server. When mail is downloaded from the server to the client using POP the messages are then deleted on the server. • The server starts the POP service by passively listening on TCP port 110 for client connection requests. • When a client wants to make use of the service, it sends a request to establish a TCP connection with the server. • When the connection is established, the POP server sends a greeting. • The client and POP server then exchange commands and responses until the connection is closed or aborted. Note: Since POP does not store messages, it is not recommended for small businesses that need a centralized backup solution. Web and Email Protocols SMTP, POP and IMAP (Cont.)
Web and Email Protocols SMTP, POP and IMAP (Cont.) IMAP is another protocol that describes a method to retrieve email messages. • Unlike POP, when a user connects to an IMAP server, copies of the messages are downloaded to the client application. The original messages are kept on the server until manually deleted. • When a user decides to delete a message, the server synchronizes that action and deletes the message from the server.
IP ADDRESSING PROTOCOLS
IP Addressing Services Domain Name Service • Domain names were created to convert the numeric IP addresses into a simple, recognizable name. • Fully-qualified domain names (FQDNs), such as http://www.cisco.com, are much easier for people to remember than 198.133.219.25. • The DNS protocol defines an automated service that matches resource names with the required numeric network address. It includes the format for queries, responses, and data. 1 2 3 4 5
IP Addressing Services DNS Message Format The DNS server stores different types of resource records that are used to resolve names. These records contain the name, address, and type of record. Some of these record types are as follows: • A - An end device IPv4 address • NS - An authoritative name server • AAAA - An end device IPv6 address (pronounced quad-A) • MX - A mail exchange record When a client makes a query, the server DNS process first looks at its own records to resolve the name. If it is unable to resolve the name by using its stored records, it contacts other servers to resolve the name. After a match is found and returned to the original requesting server, the server temporarily stores the numbered address in the event that the same name is requested again.
IP Addressing Services DNS Message Format (Cont.) DNS uses the same message format between servers, consisting of a question, answer, authority, and additional information for all types of client queries and server responses, error messages, and transfer of resource record information. DNS message section Description Question The question for the name server Answer Resource Records answering the question Authority Resource Records pointing toward an authority Additional Resource Records holding additional information
IP Addressing Services DNS Hierarchy • DNS uses a hierarchical system to create a database to provide name resolution. • Each DNS server maintains a specific database file and is only responsible for managing name-to-IP mappings for that small portion of the entire DNS structure. • When a DNS server receives a request for a name translation that is not within its DNS zone, the DNS server forwards the request to another DNS server within the proper zone for translation. • Examples of top-level domains: • .com - a business or industry • .org - a non-profit organization • .au - Australia
IP Addressing Services The nslookup Command • Nslookup is a computer operating system utility that allows a user to manually query the DNS servers configured on the device to resolve a given host name. • This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers. • When the nslookup command is issued, the default DNS server configured for your host is displayed. • The name of a host or domain can be entered at the nslookup prompt.
IP Addressing Services Dynamic Host Configuration Protocol • The Dynamic Host Configuration Protocol (DHCP) for IPv4 service automates the assignment of IPv4 addresses, subnet masks, gateways, and other IPv4 networking parameters. • DHCP is considered dynamic addressing compared to static addressing. Static addressing is manually entering IP address information. • When a host connects to the network, the DHCP server is contacted, and an address is requested. The DHCP server chooses an address from a configured range of addresses called a pool and assigns (leases) it to the host. • Many networks use both DHCP and static addressing. DHCP is used for general purpose hosts, such as end user devices. Static addressing is used for network devices, such as gateway routers, switches, servers, and printers. Note: DHCP for IPv6 (DHCPv6) provides similar services for IPv6 clients. However, DHCPv6 does not provide a default gateway address. This can only be obtained dynamically from the Router Advertisement message of the router.
IP Addressing Services DHCP Operation The DHCP Process: • When an IPv4, DHCP-configured device boots up or connects to the network, the client broadcasts a DHCP discover (DHCPDISCOVER) message to identify any available DHCP servers on the network. • A DHCP server replies with a DHCP offer (DHCPOFFER) message, which offers a lease to the client. (If a client receives more than one offer due to multiple DHCP servers on the network, it must choose one.) • The client sends a DHCP request (DHCPREQUEST) message that identifies the explicit server and lease offer that the client is accepting. • The server then returns a DHCP acknowledgment (DHCPACK) message that acknowledges to the client that the lease has been finalized. • If the offer is no longer valid, then the selected server responds with a DHCP negative acknowledgment (DHCPNAK) message and the process must begin with a new DHCPDISCOVER message. Note: DHCPv6 has a set of messages that is similar to those for DHCPv4. The DHCPv6 messages are SOLICIT, ADVERTISE, INFORMATION REQUEST, and REPLY.
FILE SHARING PROTOCOLS
File Sharing Services File Transfer Protocol FTP was developed to allow for data transfers between a client and a server. An FTP client is an application which runs on a computer that is being used to push and pull data from an FTP server. Step 1 - The client establishes the first connection to the server for control traffic using TCP port 21. The traffic consists of client commands and server replies. Step 2 - The client establishes the second connection to the server for the actual data transfer using TCP port 20. This connection is created every time there is data to be transferred. Step 3 - The data transfer can happen in either direction. The client can download (pull) data from the server, or the client can upload (push) data to the server.
File Sharing Services Server Message Block The Server Message Block (SMB) is a client/server, request-response file sharing protocol. Servers can make their own resources available to clients on the network. Three functions of SMB messages: • Start, authenticate, and terminate sessions • Control file and printer access • Allow an application to send or receive messages to or from another device Unlike the file sharing supported by FTP, clients establish a long-term connection to servers. After the connection is established, the user of the client can access the resources on the server as though the resource is local to the client host.
ADDRESS RESOLUTION PROTOCOLS
There are two primary addresses assigned to a device on an Ethernet LAN: • Layer 2 physical address (the MAC address) – Used for NIC to NIC communications on the same Ethernet network. • Layer 3 logical address (the IP address) – Used to send the packet from the source device to the destination device. Layer 2 addresses are used to deliver frames from one NIC to another NIC on the same network. If a destination IP address is on the same network, the destination MAC address will be that of the destination device. MAC and IP Destination on Same Network
When the destination IP address is on a remote network, the destination MAC address is that of the default gateway. • ARP is used by IPv4 to associate the IPv4 address of a device with the MAC address of the device NIC. • ICMPv6 is used by IPv6 to associate the IPv6 address of a device with the MAC address of the device NIC. MAC and IP Destination on Remote Network
A device uses ARP to determine the destination MAC address of a local device when it knows its IPv4 address. ARP provides two basic functions: • Resolving IPv4 addresses to MAC addresses • Maintaining an ARP table of IPv4 to MAC address mappings ARP ARP Overview
To send a frame, a device will search its ARP table for a destination IPv4 address and a corresponding MAC address. • If the packet’s destination IPv4 address is on the same network, the device will search the ARP table for the destination IPv4 address. • If the destination IPv4 address is on a different network, the device will search the ARP table for the IPv4 address of the default gateway. • If the device locates the IPv4 address, its corresponding MAC address is used as the destination MAC address in the frame. • If there is no ARP table entry is found, then the device sends an ARP request. ARP ARP Functions
• Entries in the ARP table are not permanent and are removed when an ARP cache timer expires after a specified period of time. • The duration of the ARP cache timer differs depending on the operating system. • ARP table entries can also be removed manually by the administrator. ARP Removing Entries from an ARP Table
• The show ip arp command displays the ARP table on a Cisco router. • The arp –a command displays the ARP table on a Windows 10 PC. ARP ARP Tables on Networking Devices R1# show ip arp Protocol Address Age (min) Hardware Addr Type Interface Internet 192.168.10.1 - a0e0.af0d.e140 ARPA GigabitEthernet0/0/0 C:UsersPC> arp -a Interface: 192.168.1.124 --- 0x10 Internet Address Physical Address Type 192.168.1.1 c8-d7-19-cc-a0-86 dynamic 192.168.1.101 08-3e-0c-f5-f7-77 dynamic
• ARP requests are received and processed by every device on the local network. • Excessive ARP broadcasts can cause some reduction in performance. • ARP replies can be spoofed by a threat actor to perform an ARP poisoning attack. • Enterprise level switches include mitigation techniques to protect against ARP attacks. ARP ARP Issues – ARP Broadcasting and ARP Spoofing
INTERNET CONTROL MESSAGE PROTOCOL (ICMP)
ICMP Messages ICMPv4 & ICMPv6 Messages • Internet Control Message Protocol (ICMP) provides feedback about issues related to the processing of IP packets under certain conditions. • ICMPv4 is the messaging protocol for IPv4. ICMPv6 is the messaging protocol for IPv6 and includes additional functionality. • The ICMP messages common to both ICMPv4 and ICMPv6 include: • Host reachability • Destination or Service Unreachable • Time exceeded Note: ICMPv4 messages are not required and are often not allowed within a network for security reasons.
ICMP Messages Host Reachability ICMP Echo Message can be used to test the reachability of a host on an IP network. In the example: • The local host sends an ICMP Echo Request to a host. • If the host is available, the destination host responds with an Echo Reply.
ICMP Messages Destination or Service Unreachable • An ICMP Destination Unreachable message can be used to notify the source that a destination or service is unreachable. • The ICMP message will include a code indicating why the packet could not be delivered. A few Destination Unreachable codes for ICMPv4 are as follows: • 0 - Net unreachable • 1 - Host unreachable • 2 - Protocol unreachable • 3 - Port unreachable A few Destination Unreachable codes for ICMPv6 are as follows: • 0 - No route to destination • 1 - Communication with the destination is administratively prohibited (e.g., firewall) • 2 – Beyond scope of the source address • 3 - Address unreachable • 4 - Port unreachable Note: ICMPv6 has similar but slightly different codes for Destination Unreachable messages
ICMP Messages Time Exceeded • When the Time to Live (TTL) field in a packet is decremented to 0, an ICMPv4 Time Exceeded message will be sent to the source host. • ICMPv6 also sends a Time Exceeded message. Instead of the IPv4 TTL field, ICMPv6 uses the IPv6 Hop Limit field to determine if the packet has expired. Note: Time Exceeded messages are used by the traceroute tool.
ICMP Error Messages Sent when a router determines that a packet cannot be delivered. It is specified whether destination host is unreachable or the network Type (3) Code (0 to 12) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31
When a router discards a packet due to lack of buffer space, it sends a source quench message to the source host (so that it slows down) Type (4) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
Type (11) Code (0 or 1) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 1) When Time to Live (TTL) is decremented to zero, 2) When Reassembly timer expires before all fragments arrive at dest. “Time exceeded” ICMP message sent to datagram source in two cases: ICMP Error Messages
Type (12) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 Any of the datagram’s parameter is incorrect ICMP Error Messages
Type (5) Code (0 to 3) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 Sent if a router determines that a host has incorrectly sent datagram that should be sent to different router Redirect can specify either a change for a host or complete network ICMP Error Messages
Used by the ping command to determine connectivity between two end-points Type (8 or 0) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
Type (13 or 14) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 Used for requesting and replying with the system’s time ICMP Error Messages
Used by hosts at boot up to get information about subnet mask being used Type (17or 18) Code (0) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
Used by a host to solicit the services of a router Type (10) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
PING AND TRACEROUTE TESTS
Ping and Traceroute Tests Ping – Test Connectivity • The ping command is an IPv4 and IPv6 testing utility that uses ICMP echo request and echo reply messages to test connectivity between hosts and provides a summary that includes the success rate and average round-trip time to the destination. • If a reply is not received within the timeout, ping provides a message indicating that a response was not received. • It is common for the first ping to timeout if address resolution (ARP or ND) needs to be performed before sending the ICMP Echo Request.
Ping and Traceroute Tests Ping the Loopback Ping can be used to test the internal configuration of IPv4 or IPv6 on the local host. To do this, ping the local loopback address of 127.0.0.1 for IPv4 (::1 for IPv6). • A response from 127.0.0.1 for IPv4, or ::1 for IPv6, indicates that IP is properly installed on the host. • An error message indicates that TCP/IP is not operational on the host.
Ping and Traceroute Tests Ping the Default Gateway The ping command can be used to test the ability of a host to communicate on the local network. The default gateway address is most often used because the router is normally always operational. • A successful ping to the default gateway indicates that the host and the router interface serving as the default gateway are both operational on the local network. • If the default gateway address does not respond, a ping can be sent to the IP address of another host on the local network that is known to be operational.
Ping and Traceroute Tests Ping a Remote Host Ping can also be used to test the ability of a local host to communicate across an internetwork. A local host can ping a host on a remote network. A successful ping across the internetwork confirms communication on the local network. Note: Many network administrators limit or prohibit the entry of ICMP messages therefore, the lack of a ping response could be due to security restrictions.
Ping and Traceroute Tests Traceroute – Test the Path • Traceroute (tracert) is a utility that is used to test the path between two hosts and provide a list of hops that were successfully reached along that path. • Traceroute provides round-trip time for each hop along the path and indicates if a hop fails to respond. An asterisk (*) is used to indicate a lost or unreplied packet. • This information can be used to locate a problematic router in the path or may indicate that the router is configured not to reply. Note: Traceroute makes use of a function of the TTL field in IPv4 and the Hop Limit field in IPv6 in the Layer 3 headers, along with the ICMP Time Exceeded message.
Ping and Traceroute Tests Traceroute – Test the Path (Cont.) • The first message sent from traceroute will have a TTL field value of 1. This causes the TTL to time out at the first router. This router then responds with a ICMPv4 Time Exceeded message. • Traceroute then progressively increments the TTL field (2, 3, 4...) for each sequence of messages. This provides the trace with the address of each hop as the packets time out further down the path. • The TTL field continues to be increased until the destination is reached, or it is incremented to a predefined maximum.
NAT OPERATION
NAT Characteristics IPv4 Private Address Space • Private IP addresses are used within an organization and home networks. Did you ever notice how all your labs were based on these addresses? These are the IP addresses you will see assigned to company devices.
NAT Characteristics What is NAT? • Private IP addresses cannot be routed over the Internet. • NAT is used to translate private IP addresses used inside a company to public addresses that can be routed over the Internet. • NAT hides internal IPv4 addresses from outside networks. • A NAT-enabled router can be configured with a public IPv4 address. Important Concept—NAT is enabled on one device (normally the border or edge router) A NAT-enabled router can be configured with multiple public IPv4 addresses to be used in a pool or NAT pool for internal devices configured with private addresses.
NAT Characteristics NAT Terminology • Four types of addresses: inside, outside, local, and global • Always consider the device that is having its private address translated to understand this concept. • Inside address – address of the company network device that is being translated by NAT • Outside address – IP address of the destination device • Local address – any address that appears on the inside portion of the network • Global address – any address that appears on the outside portion of the network
NAT Characteristics NAT Terminology (Cont.)
NAT Advantages Advantages of NAT • Conserves the legally registered addressing scheme • Every company can use the private IP addresses • Increases the flexibility of connections to the public network • Multiple NAT pools, backup pools, and load-balancing across NAT pools • Provides consistency for internal network addressing schemes • Do not have to readdress the network if a new ISP or public IP address is assigned • Provides network security • Hides user private IPv4 addresses
NAT Advantages Disadvantages of NAT • Performance is degraded. • The NAT-enabled border device must track and process each session destined for an external network. • End-to-end functionality is degraded. • Translation of each IPv4 address within the packet headers takes time. • End-to-end IP traceability is lost. • Some applications require end-to-end addressing and cannot be used with NAT. • Static NAT mappings can sometimes be used. • Troubleshooting can be more challenging. • Tunneling becomes more complicated. • Initiating TCP connections can be disrupted.
ITN: • Chapter 15 – Application Layer • Chapter 13 - ICMP • Chapter 9 - Address Resolution References

More Related Content

PPTX
Unit 6 : Application Layer
Chandan Gupta Bhagat
 
PPTX
15 Application layer.pptx
MochamadSyaifulAnwar2
 
PPTX
Unit 5 Applifffffffffffcation Layer.pptx
adityagupta285846
 
PPTX
Basic to advance protocols
Varinder Singh Walia
 
PPT
Tcpip services and applications
Online
 
PDF
009478419.pdf
EidTahir
 
PPTX
Overview of Application Layer in OSI Model
rddbhn
 
PPTX
OSI Application layer. tcp/ip application layer
artisticcc11
 
Unit 6 : Application Layer
Chandan Gupta Bhagat
 
15 Application layer.pptx
MochamadSyaifulAnwar2
 
Unit 5 Applifffffffffffcation Layer.pptx
adityagupta285846
 
Basic to advance protocols
Varinder Singh Walia
 
Tcpip services and applications
Online
 
009478419.pdf
EidTahir
 
Overview of Application Layer in OSI Model
rddbhn
 
OSI Application layer. tcp/ip application layer
artisticcc11
 

Similar to Lecture 2-TCP-IP Protocols (view only).pptx (20)

DOCX
Tcp
Indrasena Reddy
 
PPT
Jaimin chp-7 - application layer- 2011 batch
Jaimin Jani
 
PPT
Application layer protocols
JUW Jinnah University for Women
 
PPTX
Information on protocols-email protocols
Priyanka Shinde
 
PPTX
System and network administration network services
Uc Man
 
PDF
Networking:) Based on Ethical Hacking And Cyber Security
ManishKumarH
 
PPS
Networking
Bob Watson
 
PPTX
4-Lect_4-2.pptx4-Lect_4-2.pptx4-Lect_4-2.pptx
ZahouAmel1
 
PPTX
Web Programming HTML.pptx
MarwaAnany1
 
PPS
Protocol
Prem Sahu
 
PPT
Application layer protocols
N.Jagadish Kumar
 
PPTX
IOT2.pptx is internet of things presentation
kaaraapatil
 
PPTX
Protocols
Sonali Chawla
 
PPT
tcp ip protocols.ppt
ssuser3acfba
 
PDF
6 networking
richarddxd
 
PDF
Web tcp ip
krupalipandya29
 
PPT
TCP/IP
Syed Zaid Irshad
 
PPT
The Internet protocol suite, commonly known as TCP/IP, is a framework for org...
MathivananP4
 
DOCX
Network Testing ques
Pragya Rastogi
 
PPT
chapter-4-networking hjgjjgj did hfhhfhj
AmitDeshai
 
Tcp
Indrasena Reddy
 
Jaimin chp-7 - application layer- 2011 batch
Jaimin Jani
 
Application layer protocols
JUW Jinnah University for Women
 
Information on protocols-email protocols
Priyanka Shinde
 
System and network administration network services
Uc Man
 
Networking:) Based on Ethical Hacking And Cyber Security
ManishKumarH
 
Networking
Bob Watson
 
4-Lect_4-2.pptx4-Lect_4-2.pptx4-Lect_4-2.pptx
ZahouAmel1
 
Web Programming HTML.pptx
MarwaAnany1
 
Protocol
Prem Sahu
 
Application layer protocols
N.Jagadish Kumar
 
IOT2.pptx is internet of things presentation
kaaraapatil
 
Protocols
Sonali Chawla
 
tcp ip protocols.ppt
ssuser3acfba
 
6 networking
richarddxd
 
Web tcp ip
krupalipandya29
 
TCP/IP
Syed Zaid Irshad
 
The Internet protocol suite, commonly known as TCP/IP, is a framework for org...
MathivananP4
 
Network Testing ques
Pragya Rastogi
 
chapter-4-networking hjgjjgj did hfhhfhj
AmitDeshai
 
Ad

More from ShaimasafaaldinBahaa1 (6)

PPTX
Lecture 4-Internetworking-Concepts (view-only).pptx
ShaimasafaaldinBahaa1
 
PPTX
Lecture 1-Addressing,Devices,Performance (view only).pptx
ShaimasafaaldinBahaa1
 
PPTX
introduction to Microprocessors and history.pptx
ShaimasafaaldinBahaa1
 
PPTX
أخلاقيات الطلبة في الحرم الجامعي.pptx
ShaimasafaaldinBahaa1
 
PDF
أخلاقيات المهنة- مهمة اتخاذ القرار الأخلاقي.pdf
ShaimasafaaldinBahaa1
 
PPTX
محاضرتي الأولى-الوحدة الأولى التعليم والتعلم.pptx
ShaimasafaaldinBahaa1
 
Lecture 4-Internetworking-Concepts (view-only).pptx
ShaimasafaaldinBahaa1
 
Lecture 1-Addressing,Devices,Performance (view only).pptx
ShaimasafaaldinBahaa1
 
introduction to Microprocessors and history.pptx
ShaimasafaaldinBahaa1
 
أخلاقيات الطلبة في الحرم الجامعي.pptx
ShaimasafaaldinBahaa1
 
أخلاقيات المهنة- مهمة اتخاذ القرار الأخلاقي.pdf
ShaimasafaaldinBahaa1
 
محاضرتي الأولى-الوحدة الأولى التعليم والتعلم.pptx
ShaimasafaaldinBahaa1
 
Ad

Recently uploaded (20)

PPTX
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PDF
BÀI TẬP BỔ TRỢ 4 KỸ NĂNG TIẾNG ANH 9 GLOBAL SUCCESS - CẢ NĂM - BÁM SÁT FORM Đ...
Nguyen Thanh Tu Collection
 
PPTX
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
PDF
Insiders guide to clinical Medicine.pdf
AbhishekPatil315128
 
PDF
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PPTX
Lesson notes of climatology university.
sgladness67
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PDF
Classroom Observation Tools for Teachers
Nicaramirez
 
PDF
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
PDF
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
PPTX
master seminar digital applications in india
ananyaray35
 
PPTX
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PDF
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
BÀI TẬP BỔ TRỢ 4 KỸ NĂNG TIẾNG ANH 9 GLOBAL SUCCESS - CẢ NĂM - BÁM SÁT FORM Đ...
Nguyen Thanh Tu Collection
 
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
Insiders guide to clinical Medicine.pdf
AbhishekPatil315128
 
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
Lesson notes of climatology university.
sgladness67
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
Classroom Observation Tools for Teachers
Nicaramirez
 
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
master seminar digital applications in india
ananyaray35
 
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 

Lecture 2-TCP-IP Protocols (view only).pptx

  • 1. TCP/IP PROTOCOLS Dr. Shaima’ Safa aldin Computer Networks’ Protocols
  • 2. To find out about: 1. Hyper-Text-Transfer & Secure Protocols: HTTP & HTTPS 2. Simple Mail Transfer, Post Office & Internet Message Access Protocols: SMTP, POP & IMAP 3. Domain Name Service: DNS 4. Dynamic Host Control Protocol: DHCP 5. File Transfer Protocol & Server Message Block: FTP & SMB 6. Address Resolution Protocol: ARP 7. IP Control Messaging: ICMP 8. Network & Port Address Translations: NAT & PAT Topic’s objectives
  • 3. TCP/IP Layer Protocols • The TCP/IP application protocols specify the format and control information necessary for many common internet communication functions. • Application layer protocols are used by both the source and destination devices during a communication session. • For the communications to be successful, the application layer protocols that are implemented on the source and destination host must be compatible.
  • 4. WEB AND EMAIL PROTOCOLS
  • 5. Web and Email Protocols Hypertext Transfer Protocol and Hypertext Markup Language When a web address or Uniform Resource Locator (URL) is typed into a web browser, the web browser establishes a connection to the web service. The web service is running on the server that is using the HTTP protocol. To better understand how the web browser and web server interact, examine how a web page is opened in a browser. Step 1 The browser interprets the three parts of the URL: • http (the protocol or scheme) • www.cisco.com (the server name) • index.html (the specific filename requested)
  • 6. Step 2 The browser then checks with a name server to convert www.cisco.com into a numeric IP address, which it uses to connect to the server. The client initiates an HTTP request to a server by sending a GET request to the server and asks for the index.html file. Step 3 In response to the request, the server sends the HTML code for this web page to the browser. Web and Email Protocols Hypertext Transfer Protocol and Hypertext Markup Language
  • 7. Step 4 The browser deciphers the HTML code and formats the page for the browser window. Web and Email Protocols Hypertext Transfer Protocol and Hypertext Markup Language
  • 8. Web and Email Protocols HTTP and HTTPS HTTP is a request/response protocol that specifies the message types used for that communication. The three common message types are GET, POST, and PUT: • GET - This is a client request for data. A client (web browser) sends the GET message to the web server to request HTML pages. • POST - This uploads data files to the web server, such as form data. • PUT - This uploads resources or content to the web server, such as an image. Note: HTTP is not a secure protocol. For secure communications sent across the internet, HTTPS should be used.
  • 9. Web and Email Protocols Email Protocols Email is a store-and-forward method of sending, storing, and retrieving electronic messages across a network. Email messages are stored in databases on mail servers. Email clients communicate with mail servers to send and receive email. The email protocols used for operation are: • Simple Mail Transfer Protocol (SMTP) – used to send mail. • Post Office Protocol (POP) & IMAP – used for clients to receive mail.
  • 10. Web and Email Protocols SMTP, POP and IMAP • When a client sends email, the client SMTP process connects with a server SMTP process on well-known port 25. • After the connection is made, the client attempts to send the email to the server across the connection. • When the server receives the message, it either places the message in a local account, if the recipient is local, or forwards the message to another mail server for delivery. • The destination email server may not be online or may be busy. If so, SMTP spools messages to be sent at a later time. Note: SMTP message formats require a message header (recipient email address & sender email address) and a message body.
  • 11. POP is used by an application to retrieve mail from a mail server. When mail is downloaded from the server to the client using POP the messages are then deleted on the server. • The server starts the POP service by passively listening on TCP port 110 for client connection requests. • When a client wants to make use of the service, it sends a request to establish a TCP connection with the server. • When the connection is established, the POP server sends a greeting. • The client and POP server then exchange commands and responses until the connection is closed or aborted. Note: Since POP does not store messages, it is not recommended for small businesses that need a centralized backup solution. Web and Email Protocols SMTP, POP and IMAP (Cont.)
  • 12. Web and Email Protocols SMTP, POP and IMAP (Cont.) IMAP is another protocol that describes a method to retrieve email messages. • Unlike POP, when a user connects to an IMAP server, copies of the messages are downloaded to the client application. The original messages are kept on the server until manually deleted. • When a user decides to delete a message, the server synchronizes that action and deletes the message from the server.
  • 14. IP Addressing Services Domain Name Service • Domain names were created to convert the numeric IP addresses into a simple, recognizable name. • Fully-qualified domain names (FQDNs), such as http://www.cisco.com, are much easier for people to remember than 198.133.219.25. • The DNS protocol defines an automated service that matches resource names with the required numeric network address. It includes the format for queries, responses, and data. 1 2 3 4 5
  • 15. IP Addressing Services DNS Message Format The DNS server stores different types of resource records that are used to resolve names. These records contain the name, address, and type of record. Some of these record types are as follows: • A - An end device IPv4 address • NS - An authoritative name server • AAAA - An end device IPv6 address (pronounced quad-A) • MX - A mail exchange record When a client makes a query, the server DNS process first looks at its own records to resolve the name. If it is unable to resolve the name by using its stored records, it contacts other servers to resolve the name. After a match is found and returned to the original requesting server, the server temporarily stores the numbered address in the event that the same name is requested again.
  • 16. IP Addressing Services DNS Message Format (Cont.) DNS uses the same message format between servers, consisting of a question, answer, authority, and additional information for all types of client queries and server responses, error messages, and transfer of resource record information. DNS message section Description Question The question for the name server Answer Resource Records answering the question Authority Resource Records pointing toward an authority Additional Resource Records holding additional information
  • 17. IP Addressing Services DNS Hierarchy • DNS uses a hierarchical system to create a database to provide name resolution. • Each DNS server maintains a specific database file and is only responsible for managing name-to-IP mappings for that small portion of the entire DNS structure. • When a DNS server receives a request for a name translation that is not within its DNS zone, the DNS server forwards the request to another DNS server within the proper zone for translation. • Examples of top-level domains: • .com - a business or industry • .org - a non-profit organization • .au - Australia
  • 18. IP Addressing Services The nslookup Command • Nslookup is a computer operating system utility that allows a user to manually query the DNS servers configured on the device to resolve a given host name. • This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers. • When the nslookup command is issued, the default DNS server configured for your host is displayed. • The name of a host or domain can be entered at the nslookup prompt.
  • 19. IP Addressing Services Dynamic Host Configuration Protocol • The Dynamic Host Configuration Protocol (DHCP) for IPv4 service automates the assignment of IPv4 addresses, subnet masks, gateways, and other IPv4 networking parameters. • DHCP is considered dynamic addressing compared to static addressing. Static addressing is manually entering IP address information. • When a host connects to the network, the DHCP server is contacted, and an address is requested. The DHCP server chooses an address from a configured range of addresses called a pool and assigns (leases) it to the host. • Many networks use both DHCP and static addressing. DHCP is used for general purpose hosts, such as end user devices. Static addressing is used for network devices, such as gateway routers, switches, servers, and printers. Note: DHCP for IPv6 (DHCPv6) provides similar services for IPv6 clients. However, DHCPv6 does not provide a default gateway address. This can only be obtained dynamically from the Router Advertisement message of the router.
  • 20. IP Addressing Services DHCP Operation The DHCP Process: • When an IPv4, DHCP-configured device boots up or connects to the network, the client broadcasts a DHCP discover (DHCPDISCOVER) message to identify any available DHCP servers on the network. • A DHCP server replies with a DHCP offer (DHCPOFFER) message, which offers a lease to the client. (If a client receives more than one offer due to multiple DHCP servers on the network, it must choose one.) • The client sends a DHCP request (DHCPREQUEST) message that identifies the explicit server and lease offer that the client is accepting. • The server then returns a DHCP acknowledgment (DHCPACK) message that acknowledges to the client that the lease has been finalized. • If the offer is no longer valid, then the selected server responds with a DHCP negative acknowledgment (DHCPNAK) message and the process must begin with a new DHCPDISCOVER message. Note: DHCPv6 has a set of messages that is similar to those for DHCPv4. The DHCPv6 messages are SOLICIT, ADVERTISE, INFORMATION REQUEST, and REPLY.
  • 22. File Sharing Services File Transfer Protocol FTP was developed to allow for data transfers between a client and a server. An FTP client is an application which runs on a computer that is being used to push and pull data from an FTP server. Step 1 - The client establishes the first connection to the server for control traffic using TCP port 21. The traffic consists of client commands and server replies. Step 2 - The client establishes the second connection to the server for the actual data transfer using TCP port 20. This connection is created every time there is data to be transferred. Step 3 - The data transfer can happen in either direction. The client can download (pull) data from the server, or the client can upload (push) data to the server.
  • 23. File Sharing Services Server Message Block The Server Message Block (SMB) is a client/server, request-response file sharing protocol. Servers can make their own resources available to clients on the network. Three functions of SMB messages: • Start, authenticate, and terminate sessions • Control file and printer access • Allow an application to send or receive messages to or from another device Unlike the file sharing supported by FTP, clients establish a long-term connection to servers. After the connection is established, the user of the client can access the resources on the server as though the resource is local to the client host.
  • 25. There are two primary addresses assigned to a device on an Ethernet LAN: • Layer 2 physical address (the MAC address) – Used for NIC to NIC communications on the same Ethernet network. • Layer 3 logical address (the IP address) – Used to send the packet from the source device to the destination device. Layer 2 addresses are used to deliver frames from one NIC to another NIC on the same network. If a destination IP address is on the same network, the destination MAC address will be that of the destination device. MAC and IP Destination on Same Network
  • 26. When the destination IP address is on a remote network, the destination MAC address is that of the default gateway. • ARP is used by IPv4 to associate the IPv4 address of a device with the MAC address of the device NIC. • ICMPv6 is used by IPv6 to associate the IPv6 address of a device with the MAC address of the device NIC. MAC and IP Destination on Remote Network
  • 27. A device uses ARP to determine the destination MAC address of a local device when it knows its IPv4 address. ARP provides two basic functions: • Resolving IPv4 addresses to MAC addresses • Maintaining an ARP table of IPv4 to MAC address mappings ARP ARP Overview
  • 28. To send a frame, a device will search its ARP table for a destination IPv4 address and a corresponding MAC address. • If the packet’s destination IPv4 address is on the same network, the device will search the ARP table for the destination IPv4 address. • If the destination IPv4 address is on a different network, the device will search the ARP table for the IPv4 address of the default gateway. • If the device locates the IPv4 address, its corresponding MAC address is used as the destination MAC address in the frame. • If there is no ARP table entry is found, then the device sends an ARP request. ARP ARP Functions
  • 29. • Entries in the ARP table are not permanent and are removed when an ARP cache timer expires after a specified period of time. • The duration of the ARP cache timer differs depending on the operating system. • ARP table entries can also be removed manually by the administrator. ARP Removing Entries from an ARP Table
  • 30. • The show ip arp command displays the ARP table on a Cisco router. • The arp –a command displays the ARP table on a Windows 10 PC. ARP ARP Tables on Networking Devices R1# show ip arp Protocol Address Age (min) Hardware Addr Type Interface Internet 192.168.10.1 - a0e0.af0d.e140 ARPA GigabitEthernet0/0/0 C:UsersPC> arp -a Interface: 192.168.1.124 --- 0x10 Internet Address Physical Address Type 192.168.1.1 c8-d7-19-cc-a0-86 dynamic 192.168.1.101 08-3e-0c-f5-f7-77 dynamic
  • 31. • ARP requests are received and processed by every device on the local network. • Excessive ARP broadcasts can cause some reduction in performance. • ARP replies can be spoofed by a threat actor to perform an ARP poisoning attack. • Enterprise level switches include mitigation techniques to protect against ARP attacks. ARP ARP Issues – ARP Broadcasting and ARP Spoofing
  • 33. ICMP Messages ICMPv4 & ICMPv6 Messages • Internet Control Message Protocol (ICMP) provides feedback about issues related to the processing of IP packets under certain conditions. • ICMPv4 is the messaging protocol for IPv4. ICMPv6 is the messaging protocol for IPv6 and includes additional functionality. • The ICMP messages common to both ICMPv4 and ICMPv6 include: • Host reachability • Destination or Service Unreachable • Time exceeded Note: ICMPv4 messages are not required and are often not allowed within a network for security reasons.
  • 34. ICMP Messages Host Reachability ICMP Echo Message can be used to test the reachability of a host on an IP network. In the example: • The local host sends an ICMP Echo Request to a host. • If the host is available, the destination host responds with an Echo Reply.
  • 35. ICMP Messages Destination or Service Unreachable • An ICMP Destination Unreachable message can be used to notify the source that a destination or service is unreachable. • The ICMP message will include a code indicating why the packet could not be delivered. A few Destination Unreachable codes for ICMPv4 are as follows: • 0 - Net unreachable • 1 - Host unreachable • 2 - Protocol unreachable • 3 - Port unreachable A few Destination Unreachable codes for ICMPv6 are as follows: • 0 - No route to destination • 1 - Communication with the destination is administratively prohibited (e.g., firewall) • 2 – Beyond scope of the source address • 3 - Address unreachable • 4 - Port unreachable Note: ICMPv6 has similar but slightly different codes for Destination Unreachable messages
  • 36. ICMP Messages Time Exceeded • When the Time to Live (TTL) field in a packet is decremented to 0, an ICMPv4 Time Exceeded message will be sent to the source host. • ICMPv6 also sends a Time Exceeded message. Instead of the IPv4 TTL field, ICMPv6 uses the IPv6 Hop Limit field to determine if the packet has expired. Note: Time Exceeded messages are used by the traceroute tool.
  • 37. ICMP Error Messages Sent when a router determines that a packet cannot be delivered. It is specified whether destination host is unreachable or the network Type (3) Code (0 to 12) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31
  • 38. When a router discards a packet due to lack of buffer space, it sends a source quench message to the source host (so that it slows down) Type (4) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
  • 39. Type (11) Code (0 or 1) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 1) When Time to Live (TTL) is decremented to zero, 2) When Reassembly timer expires before all fragments arrive at dest. “Time exceeded” ICMP message sent to datagram source in two cases: ICMP Error Messages
  • 40. Type (12) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 Any of the datagram’s parameter is incorrect ICMP Error Messages
  • 41. Type (5) Code (0 to 3) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 Sent if a router determines that a host has incorrectly sent datagram that should be sent to different router Redirect can specify either a change for a host or complete network ICMP Error Messages
  • 42. Used by the ping command to determine connectivity between two end-points Type (8 or 0) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
  • 43. Type (13 or 14) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 Used for requesting and replying with the system’s time ICMP Error Messages
  • 44. Used by hosts at boot up to get information about subnet mask being used Type (17or 18) Code (0) Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
  • 45. Used by a host to solicit the services of a router Type (10) Code Checksum Identifier Sequence Number Optional data . . . 0 8 16 31 ICMP Error Messages
  • 47. Ping and Traceroute Tests Ping – Test Connectivity • The ping command is an IPv4 and IPv6 testing utility that uses ICMP echo request and echo reply messages to test connectivity between hosts and provides a summary that includes the success rate and average round-trip time to the destination. • If a reply is not received within the timeout, ping provides a message indicating that a response was not received. • It is common for the first ping to timeout if address resolution (ARP or ND) needs to be performed before sending the ICMP Echo Request.
  • 48. Ping and Traceroute Tests Ping the Loopback Ping can be used to test the internal configuration of IPv4 or IPv6 on the local host. To do this, ping the local loopback address of 127.0.0.1 for IPv4 (::1 for IPv6). • A response from 127.0.0.1 for IPv4, or ::1 for IPv6, indicates that IP is properly installed on the host. • An error message indicates that TCP/IP is not operational on the host.
  • 49. Ping and Traceroute Tests Ping the Default Gateway The ping command can be used to test the ability of a host to communicate on the local network. The default gateway address is most often used because the router is normally always operational. • A successful ping to the default gateway indicates that the host and the router interface serving as the default gateway are both operational on the local network. • If the default gateway address does not respond, a ping can be sent to the IP address of another host on the local network that is known to be operational.
  • 50. Ping and Traceroute Tests Ping a Remote Host Ping can also be used to test the ability of a local host to communicate across an internetwork. A local host can ping a host on a remote network. A successful ping across the internetwork confirms communication on the local network. Note: Many network administrators limit or prohibit the entry of ICMP messages therefore, the lack of a ping response could be due to security restrictions.
  • 51. Ping and Traceroute Tests Traceroute – Test the Path • Traceroute (tracert) is a utility that is used to test the path between two hosts and provide a list of hops that were successfully reached along that path. • Traceroute provides round-trip time for each hop along the path and indicates if a hop fails to respond. An asterisk (*) is used to indicate a lost or unreplied packet. • This information can be used to locate a problematic router in the path or may indicate that the router is configured not to reply. Note: Traceroute makes use of a function of the TTL field in IPv4 and the Hop Limit field in IPv6 in the Layer 3 headers, along with the ICMP Time Exceeded message.
  • 52. Ping and Traceroute Tests Traceroute – Test the Path (Cont.) • The first message sent from traceroute will have a TTL field value of 1. This causes the TTL to time out at the first router. This router then responds with a ICMPv4 Time Exceeded message. • Traceroute then progressively increments the TTL field (2, 3, 4...) for each sequence of messages. This provides the trace with the address of each hop as the packets time out further down the path. • The TTL field continues to be increased until the destination is reached, or it is incremented to a predefined maximum.
  • 54. NAT Characteristics IPv4 Private Address Space • Private IP addresses are used within an organization and home networks. Did you ever notice how all your labs were based on these addresses? These are the IP addresses you will see assigned to company devices.
  • 55. NAT Characteristics What is NAT? • Private IP addresses cannot be routed over the Internet. • NAT is used to translate private IP addresses used inside a company to public addresses that can be routed over the Internet. • NAT hides internal IPv4 addresses from outside networks. • A NAT-enabled router can be configured with a public IPv4 address. Important Concept—NAT is enabled on one device (normally the border or edge router) A NAT-enabled router can be configured with multiple public IPv4 addresses to be used in a pool or NAT pool for internal devices configured with private addresses.
  • 56. NAT Characteristics NAT Terminology • Four types of addresses: inside, outside, local, and global • Always consider the device that is having its private address translated to understand this concept. • Inside address – address of the company network device that is being translated by NAT • Outside address – IP address of the destination device • Local address – any address that appears on the inside portion of the network • Global address – any address that appears on the outside portion of the network
  • 58. NAT Advantages Advantages of NAT • Conserves the legally registered addressing scheme • Every company can use the private IP addresses • Increases the flexibility of connections to the public network • Multiple NAT pools, backup pools, and load-balancing across NAT pools • Provides consistency for internal network addressing schemes • Do not have to readdress the network if a new ISP or public IP address is assigned • Provides network security • Hides user private IPv4 addresses
  • 59. NAT Advantages Disadvantages of NAT • Performance is degraded. • The NAT-enabled border device must track and process each session destined for an external network. • End-to-end functionality is degraded. • Translation of each IPv4 address within the packet headers takes time. • End-to-end IP traceability is lost. • Some applications require end-to-end addressing and cannot be used with NAT. • Static NAT mappings can sometimes be used. • Troubleshooting can be more challenging. • Tunneling becomes more complicated. • Initiating TCP connections can be disrupted.
  • 60. ITN: • Chapter 15 – Application Layer • Chapter 13 - ICMP • Chapter 9 - Address Resolution References

Editor's Notes

  • #3: 15 – Application Layer 15.1 – Application, Presentation, and Session 15.1.3 – TCP/IP Application Layer Protocols 15.1.4 – Check Your Understanding – Application, Session, Presentation
  • #4: 15 – Application Layer 15.3 – Web and Email Protocols
  • #5: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.1 – Hypertext Transfer Protocol and Hypertext Markup Language
  • #6: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.1 – Hypertext Transfer Protocol and Hypertext Markup Language (Cont.)
  • #7: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.1 – Hypertext Transfer Protocol and Hypertext Markup Language (Cont.)
  • #8: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.2 – HTTP and HTTPS
  • #9: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.3 – Email Protocols
  • #10: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.4 – SMTP, POP and IMAP
  • #11: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.4 – SMTP, POP and IMAP (Cont.)
  • #12: 15 – Application Layer 15.3 – Web and Email Protocols 15.3.4 – SMTP, POP and IMAP (Cont.) 15.3.5 – Check Your Understanding – Web and Email Protocols
  • #13: 15 – Application Layer 15.3 – Web and Email Protocols
  • #14: 15 – Application Layer 15.4 – IP Addressing Services 15.4.1 – Domain Name Service
  • #15: 15 – Application Layer 15.4 – IP Addressing Services 15.4.2 – DNS Message Format
  • #16: 15 – Application Layer 15.4 – IP Addressing Services 15.4.2 – DNS Message Format (Cont.)
  • #17: 15 – Application Layer 15.4 – IP Addressing Services 15.4.3 – DNS Hierarchy
  • #18: 15 – Application Layer 15.4 – IP Addressing Services 15.4.4 – The nslookup Command 15.4.5 – Syntax Checker – The nslookup Command
  • #19: 15 – Application Layer 15.4 – IP Addressing Services 15.4.6 – Dynamic Host Configuration Protocol
  • #20: 15 – Application Layer 15.4 – IP Addressing Services 15.4.7 – DHCP Operation
  • #21: 15 – Application Layer 15.3 – Web and Email Protocols
  • #22: 15 – Application Layer 15.5 – File Sharing Services 15.5.1 – File Transfer Protocol
  • #23: 15 – Application Layer 15.5 – File Sharing Services 15.5.2 – Server Message Block 15.5.3 – Check Your Understanding – File Sharing Services
  • #24: 15 – Application Layer 15.3 – Web and Email Protocols
  • #25: 9 – Address Resolution 9.1 – MAC and IP 9.1.1 – Destination on Same Network
  • #26: 9 – Address Resolution 9.1 – MAC and IP 9.1.2 – Destination on Remote Network
  • #27: 9 – Address Resolution 9.2 – ARP 9.2.1 – ARP Overview
  • #28: 9 – Address Resolution 9.2 – ARP 9.2.2 – ARP Functions
  • #29: 9 – Address Resolution 9.2 – ARP 9.2.6– Removing Entries from an ARP Table
  • #30: 9 – Address Resolution 9.2 – ARP 9.2.7 – ARP Tables on Networking Devices
  • #31: 9 – Address Resolution 9.2 – ARP 9.2.8 – ARP Issues – ARP Broadcast and ARP Spoofing
  • #32: 15 – Application Layer 15.3 – Web and Email Protocols
  • #33: 13 – ICMP 13.1 – ICMP Messages 13.1.1 – ICMPv4 and ICMPv6 Messages
  • #34: 13 – ICMP 13.1 – ICMP Messages 13.1.2 – Host Reachability
  • #35: 13 – ICMP 13.1 – ICMP Messages 13.1.3 – Destination or Service Unreachable
  • #36: 13 – ICMP 13.1 – ICMP Messages 13.1.4 – Time Exceeded
  • #37: From Douglas Comer’s book ‘Computer Networks and Internets’: Source Quench: A router sends a source quench whenever it has received so many datagram that it has not more buffer space available. A router that has temporarily run out of buffer must discard incoming datagram. When it discards a datagram, the router sends a source quench message to the host that created the datagram. Time exceeded: This error message is sent in two cases: TTL is decremented to zero: When a router reduces the Time to Live (TTL) field in an IP datagram to zero, it sends a time exceeded message to the source of the datagram. Reassembly timer expires before all fragments of a packet arrive at the destination. Destination Unreachable: When a router determines that a packet cannot be delivered to its final destination, the router sends a destination unreachable message to the host that created the datagram. The message specifies whether the specific destination host is unreachable, or the network to which the destination attaches is unreachable. In other words, the error message distinguishes between a situation in which an entire network is temporarily disconnected from the Internet (e.g., when a router has failed), or when a particular host is temporarily offline (e.g., because the host is powered down) Redirect: If a router determines that a host has incorrectly sent a datagram that should be sent to a different router, the router uses a redirect message to cause the host to change its route. A redirect message can specify either a change for a specific host or a change for a network; the latter is more common. Parameters problem One of the parameter defined in the datagram is incorrect.
  • #38: From Douglas Comer’s book ‘Computer Networks and Internets’: Source Quench: A router sends a source quench whenever it has received so many datagram that it has not more buffer space available. A router that has temporarily run out of buffer must discard incoming datagram. When it discards a datagram, the router sends a source quench message to the host that created the datagram. Time exceeded: This error message is sent in two cases: TTL is decremented to zero: When a router reduces the Time to Live (TTL) field in an IP datagram to zero, it sends a time exceeded message to the source of the datagram. Reassembly timer expires before all fragments of a packet arrive at the destination. Destination Unreachable: When a router determines that a packet cannot be delivered to its final destination, the router sends a destination unreachable message to the host that created the datagram. The message specifies whether the specific destination host is unreachable, or the network to which the destination attaches is unreachable. In other words, the error message distinguishes between a situation in which an entire network is temporarily disconnected from the Internet (e.g., when a router has failed), or when a particular host is temporarily offline (e.g., because the host is powered down) Redirect: If a router determines that a host has incorrectly sent a datagram that should be sent to a different router, the router uses a redirect message to cause the host to change its route. A redirect message can specify either a change for a specific host or a change for a network; the latter is more common. Parameters problem One of the parameter defined in the datagram is incorrect.
  • #39: From Douglas Comer’s book ‘Computer Networks and Internets’: Source Quench: A router sends a source quench whenever it has received so many datagram that it has not more buffer space available. A router that has temporarily run out of buffer must discard incoming datagram. When it discards a datagram, the router sends a source quench message to the host that created the datagram. Time exceeded: This error message is sent in two cases: TTL is decremented to zero: When a router reduces the Time to Live (TTL) field in an IP datagram to zero, it sends a time exceeded message to the source of the datagram. Reassembly timer expires before all fragments of a packet arrive at the destination. Destination Unreachable: When a router determines that a packet cannot be delivered to its final destination, the router sends a destination unreachable message to the host that created the datagram. The message specifies whether the specific destination host is unreachable, or the network to which the destination attaches is unreachable. In other words, the error message distinguishes between a situation in which an entire network is temporarily disconnected from the Internet (e.g., when a router has failed), or when a particular host is temporarily offline (e.g., because the host is powered down) Redirect: If a router determines that a host has incorrectly sent a datagram that should be sent to a different router, the router uses a redirect message to cause the host to change its route. A redirect message can specify either a change for a specific host or a change for a network; the latter is more common. Parameters problem One of the parameter defined in the datagram is incorrect.
  • #40: From Douglas Comer’s book ‘Computer Networks and Internets’: Source Quench: A router sends a source quench whenever it has received so many datagram that it has not more buffer space available. A router that has temporarily run out of buffer must discard incoming datagram. When it discards a datagram, the router sends a source quench message to the host that created the datagram. Time exceeded: This error message is sent in two cases: TTL is decremented to zero: When a router reduces the Time to Live (TTL) field in an IP datagram to zero, it sends a time exceeded message to the source of the datagram. Reassembly timer expires before all fragments of a packet arrive at the destination. Destination Unreachable: When a router determines that a packet cannot be delivered to its final destination, the router sends a destination unreachable message to the host that created the datagram. The message specifies whether the specific destination host is unreachable, or the network to which the destination attaches is unreachable. In other words, the error message distinguishes between a situation in which an entire network is temporarily disconnected from the Internet (e.g., when a router has failed), or when a particular host is temporarily offline (e.g., because the host is powered down) Redirect: If a router determines that a host has incorrectly sent a datagram that should be sent to a different router, the router uses a redirect message to cause the host to change its route. A redirect message can specify either a change for a specific host or a change for a network; the latter is more common. Parameters problem One of the parameter defined in the datagram is incorrect.
  • #41: From Douglas Comer’s book ‘Computer Networks and Internets’: Source Quench: A router sends a source quench whenever it has received so many datagram that it has not more buffer space available. A router that has temporarily run out of buffer must discard incoming datagram. When it discards a datagram, the router sends a source quench message to the host that created the datagram. Time exceeded: This error message is sent in two cases: TTL is decremented to zero: When a router reduces the Time to Live (TTL) field in an IP datagram to zero, it sends a time exceeded message to the source of the datagram. Reassembly timer expires before all fragments of a packet arrive at the destination. Destination Unreachable: When a router determines that a packet cannot be delivered to its final destination, the router sends a destination unreachable message to the host that created the datagram. The message specifies whether the specific destination host is unreachable, or the network to which the destination attaches is unreachable. In other words, the error message distinguishes between a situation in which an entire network is temporarily disconnected from the Internet (e.g., when a router has failed), or when a particular host is temporarily offline (e.g., because the host is powered down) Redirect: If a router determines that a host has incorrectly sent a datagram that should be sent to a different router, the router uses a redirect message to cause the host to change its route. A redirect message can specify either a change for a specific host or a change for a network; the latter is more common. Parameters problem One of the parameter defined in the datagram is incorrect.
  • #42: In addition to error messages, ICMP defines information messages that include: Echo Request/ Reply: An echo request message can be sent to the ICMP software on any computer. In response to an incoming echo request message, ICMP software is required to send an ICMP echo reply message (in normal course of events; i.e., unless these replies are disabled for security reasons). 2) Address Mask Request/ Reply A host broadcasts an address mask request when it boots, and routers that receive the request send an address mask reply that contains the correct 32 bit subnet mask being used on the network.
  • #43: In addition to error messages, ICMP defines information messages that include: Echo Request/ Reply: An echo request message can be sent to the ICMP software on any computer. In response to an incoming echo request message, ICMP software is required to send an ICMP echo reply message (in normal course of events; i.e., unless these replies are disabled for security reasons). 2) Address Mask Request/ Reply A host broadcasts an address mask request when it boots, and routers that receive the request send an address mask reply that contains the correct 32 bit subnet mask being used on the network.
  • #44: In addition to error messages, ICMP defines information messages that include: Echo Request/ Reply: An echo request message can be sent to the ICMP software on any computer. In response to an incoming echo request message, ICMP software is required to send an ICMP echo reply message (in normal course of events; i.e., unless these replies are disabled for security reasons). 2) Address Mask Request/ Reply A host broadcasts an address mask request when it boots, and routers that receive the request send an address mask reply that contains the correct 32 bit subnet mask being used on the network.
  • #45: In addition to error messages, ICMP defines information messages that include: Echo Request/ Reply: An echo request message can be sent to the ICMP software on any computer. In response to an incoming echo request message, ICMP software is required to send an ICMP echo reply message (in normal course of events; i.e., unless these replies are disabled for security reasons). 2) Address Mask Request/ Reply A host broadcasts an address mask request when it boots, and routers that receive the request send an address mask reply that contains the correct 32 bit subnet mask being used on the network.
  • #46: 15 – Application Layer 15.3 – Web and Email Protocols
  • #47: 13 – ICMP 13.2 – Ping and Traceroute Tests 13.2.1 – Ping – Test Connectivity
  • #48: 13 – ICMP 13.2 – Ping and Traceroute Tests 13.2.2 – Ping the Loopback
  • #49: 13 – ICMP 13.2 – Ping and Traceroute Tests 13.2.3 – Ping the Default Gateway
  • #50: 13 – ICMP 13.2 – Ping and Traceroute Tests 13.2.4 – Ping a Remote Host
  • #51: 13 – ICMP 13.2 – Ping and Traceroute Tests 13.2.5 – Traceroute – Test the Path
  • #52: 13 – ICMP 13.2 – Ping and Traceroute Tests 13.2.5 – Traceroute – Test the Path (Cont.)
  • #53: 15 – Application Layer 15.3 – Web and Email Protocols
  • #54: 9.1 – NAT Operation 9.1.1 – NAT Characteristics 9.1.1.1 – IPv4 Private Address Space
  • #55: 9.1 – NAT Operation 9.1.1 – NAT Characteristics 9.1.1.2 – What is NAT?
  • #56: 9.1 – NAT Operation 9.1.1 – NAT Characteristics 9.1.1.3 –NAT Terminology
  • #57: 9.1 – NAT Operation 9.1.1 – NAT Characteristics 9.1.1.4 –NAT Terminology (Cont.)
  • #58: 9.1 – NAT Operation 9.1.3 – NAT Advantages 9.1.3.1 – Advantages of NAT
  • #59: 9.1 – NAT Operation 9.1.3 – NAT Advantages 9.1.3.2 – Disadvantages of NAT