Identify the layers of the DoD model and how they
relate to the TCP/IP stack.
Process Application =
Acts as the interface for the user.
Provides applications that
transfer data between hosts.
OSI Model - Application/Presentation/Session
TCP/IP Suite –
-Telnet = terminal
(File Transfer Protocol) and TFTP (Trivial File Transfer
Protocol) = file
-NFS (Network File
System) = file sharing
-Xwindows = application
-SMTP (Simple Mail
Transfer Protocol) = electronic mail
-LPD (Local Print
Daemon) and RPR (Remote Printing) = printing
-SNMP (Simple Network
Management Protocol) = network mgmt
Host-To-Host = TCP only: Maintains data integrity and sets up reliable
communication between hosts.
delivery of data units in proper sequence and with no
loss or duplication.
OSI Model – Transport Layer
TCP/IP Suite –
Control Protocol) = establishes a virtual circuit,
provides a reliable connection,
and sends packets that are
sequenced and acknowledged.
(like a telephone
-UDP (User Datagram Protocol) =
connectionless/unreliable, but less
overhead. Is used by any
protocol that uses broadcasts.
(like sending a
Internet = Routes data packets between
different hosts or networks. The Internet
Layer is the foundation of the TCP/IP protocol suite.
OSI Model - Network
TCP/IP Suite –
IP = (Internet Protocol)
handles packet routing, fragmentation, and
ICMP = (Internet Control Message Protocol) used
to send error
and control messages
to hosts and routers.
BOOTP = (used by workstations
to discover 3 items:
IP address of the server
3. the name of a file loaded into memory that
is executed at
ARP = (Address Resolution
Protocol) = translates a software address
to a hardware (MAC)
RARP = (Remote Address
Protocol) = used by diskless
translate their hardware (MAC) address to
A software address.
Network Access = defines physical
interconnection between hosts.
OSI Model - DataLink/Physical Layers
TCP/IP Suite – Ethernet, Token Ring, FDDI, and Others
The TCP/IP Protocol Suite specifies functions above the
Network Access Layer of the DOD Model and above the DataLink Layer of the OSI Model.
TCP (Transmission Control Protocol) = responsible for
establishing communication between 2 hosts.
IP (Internet Protocol) = responsible for the transfer of
Describe TCP/IP addressing concepts.
Internet address value
IP network and node
byte determines class
host must have a unique host number
byte of a node address falls in the range of 0 to 255
and 255 are usually not used in addressing (reserved for broadcasting
in an octet
Windows calculator on desktop to convert binary number to decimal
List TCP/IP addressing classes and characteristics.
Class A = 0
– 127 first byte Network last 3 bytes Host
bit must be zero
to 12 classes created each having 16+Million hosts.
Class B = 128 – 191 first 2 bytes Network last 2
2 bits of first byte are 1 and 0.
16,384 class B networks each having up to 65,584 hosts.
Class C = 192 – 223 first three bytes Network last
3 bits of first byte are 1, 1, and 0.
2+Million class C networks each having up to 255 hosts.
Class D = 224 – 239 (MultiCast)
4 bits of first byte are 1, 1, 1, and 0.
for multicast packets
packets are used by a host to transmit messages to a specific group of
hosts on network
exchanged between routers only
Class E = 240 – 255 (Reserved for Experimental or
5 bits of first byte are 1, 1, 1, 1, and 0.
for experimental use and potential future addressing modes
E addresses typically used for broadcasts.
Define TCP/IP addressing types.
addresses that allow for communication between one source sending data
and one source receiving it.
single interface, is specified by the destination address.
between any 2 hosts in the shared network doesn’t affect any of the
addresses that refer to a group of hosts by using a single IP address; identified
by IPv4 class D addresses.
a subnet of the PCs on a network agree to listen to a given multicast
PC in this multicast group can be reached with a single packet
messages that are transmitted to every host on the network.
used to identify a broadcast message.
message is directed to all hosts on the network from which it
do not typically forward broadcast messages to other networks.
to multicast; references a group of systems.
data by finding the closest member of a group and sends messages only to
available with IPv6.
Identify the purpose of subnets.
Subnet Masking – process of creating subnets on the
All hosts and networks must have a unique address.
Subnet Mask – is an extension of the IP addressing
scheme that allows a site to use a single network address for multiple
Purpose of subnets:
expand the network – by adding routers and creating subnets
reduce congestion – by splitting single network into smaller,
separate subnets reducing bandwidth problems and number of hosts.
reduce CPU use – more hosts on network causes more broadcasts on
network. Each host must listen to every broadcast before accepting or
discarding it. Uses CPU capabilities.
isolate network problems – by splitting larger networks into smaller
networks, limit the impact of one subnet’s problems on another.
improve security – by restricting sensitive network traffic to only
one network, other users on other subnets can be prevented from
accessing secure data. Subnets also ensure that network structure is
never visible outside organization’s private network.
use multiple media – allows you to combine different media by
putting each type of media on a different subnet.
Determine an appropriate subnet mask.
subnet mask is a 4-byte number that is logically “ANDed” with an IP
address to identify the network and host address of a host.
requires that all IP addresses be assigned a subnet mask even if the
network is not segmented into subnets.
bit that is part of the network address is assigned a value of “1” in
bit that is part of the host address is assigned a value of “0” in the
mask is defined using part of the host portion of the IP address. The
host portion used depends on the class of the network address you were
Choose a subnet address given a subnet mask.
subnet mask depends on how many bits you choose to use for subnet
Demonstrate the ability to use subnet masks to divide a
Classful Hierarchy – the standard IP address
conforms to a standard number of bits for the network address and host
address for each type of class.
Classless Hierarchy – when you add a subnet address
to the IP address, the host address is divided into a subnet address and a
host address. The number of bits used by the subnet address and the host
address can vary.
Assigning Subnet Addresses
After the subnet value has been assigned to a network, you
must assign IP addresses to each device using the following rules:
- Each address must be unique
- The network and subnet numbers must be the
same for all devices on the same network
- The host (physical) portion of the address
must not be set to all 1’s or all 0’s.
When you create subnet addresses, you need to
- Plan for growth
- Avoid using IP addresses reserved for
To prepare for possible
changes in the number of subnets required, RFC 1219 suggests that you assign
subnet addresses from the left-most bit of the subnet address field, and that
you assign hosts in numeric order from the right-most bit of the host address field.
To create a subnet, you must
- Determine the number of subnets you need
- When you are deciding how many subnets your
network needs, you must take into account future network growth.
- Determine your subnet mask and subnet
- To assign subnet mask and address values,
complete the following:
- 1) determine the number of available subnet
address values and the number of available host address values per
- 2) calculate the subnet address values:
- identify the rightmost bit in the
subnet mask and convert its binary value to decimal. The number you
obtain is referred to as ‘delta’.
- Assign IP addresses to each host on the
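Worked example added here (not part of the course notes) covering the addressing-class ranges, the logical AND of address and mask, the "delta" subnetting procedure above, and the host count for a subnet or supernet. It is Python using only the standard library; every address in it is constructed for illustration.

```python
import ipaddress

# Added worked example (not from the course notes): classful address
# identification, address AND mask, the 'delta' method for listing
# subnet addresses, and usable host counts for sub-/supernets.

DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}   # classful network bits


def address_class(ip: str) -> str:
    """Classify an IPv4 address from the leading bits of its first octet."""
    first = int(ip.split(".")[0])
    if first & 0x80 == 0:          # 0xxxxxxx  ->   0-127
        return "A"
    if first & 0xC0 == 0x80:       # 10xxxxxx  -> 128-191
        return "B"
    if first & 0xE0 == 0xC0:       # 110xxxxx  -> 192-223
        return "C"
    if first & 0xF0 == 0xE0:       # 1110xxxx  -> 224-239 (multicast)
        return "D"
    return "E"                     # 1111xxxx  -> 240-255 (reserved)


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def network_address(ip: str, mask: str) -> str:
    """Network (plus subnet) part of an address: the address ANDed with the mask."""
    return to_dotted(to_int(ip) & to_int(mask))


def prefix_length(mask: str) -> int:
    """Number of 1-bits in a mask; rejects masks whose 1-bits are not contiguous."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def delta(mask: str):
    """The rightmost 1-bit of the mask, returned both as a 32-bit step and as
    the decimal value it has inside its own octet (the notes' 'delta')."""
    m = to_int(mask)
    step = m & -m                  # isolate the lowest set bit
    d = step
    while d >= 256:                # shift down into the octet where the bit sits
        d >>= 8
    return d, step


def usable_hosts(mask: str) -> int:
    """Host addresses per (sub|super)net, excluding the all-0 and all-1 host parts."""
    return 2 ** (32 - prefix_length(mask)) - 2


def subnet_plan(ip: str, mask: str) -> dict:
    """The notes' procedure: class -> default mask -> subnet bits -> delta
    -> subnet addresses (stepping by delta) -> hosts per subnet."""
    cls = address_class(ip)
    if cls not in DEFAULT_PREFIX:
        raise ValueError("class D/E addresses are not subnetted")
    default = DEFAULT_PREFIX[cls]
    prefix = prefix_length(mask)
    if prefix < default:
        raise ValueError("mask is shorter than the classful default (supernet)")
    subnet_bits = prefix - default
    d, step = delta(mask)
    classful_mask = (0xFFFFFFFF << (32 - default)) & 0xFFFFFFFF
    base = to_int(ip) & classful_mask
    subnets = [to_dotted(base + k * step) for k in range(2 ** subnet_bits)]
    return {
        "class": cls,
        "prefix_length": prefix,
        "subnet_bits": subnet_bits,
        "delta": d,
        "subnets": subnets,
        "hosts_per_subnet": usable_hosts(mask),
    }
```

For 192.168.10.77 with mask 255.255.255.224 the class is C, three subnet bits give eight subnets, delta is 32 and each subnet has 30 usable hosts; the supernet mask 255.255.254.0 gives the 510 hosts quoted for a Class C supernet later in these notes.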
Define supernetting and identify the number of hosts
available on a network that uses supernetting.
in 1993 to extend the lifetime of a 32-bit IP address
with IPv6, a new version of IP with larger addresses.
accommodate growth until IPv6 is standardized and adopted, supernetting
used as a temporary solution.
of subnet addressing; (instead of using a single IP network address for
multiple physical networks in an organization, it uses many IP network
address for a single organization).
of bits used for the subnet mask is “reduced” to increase the number of
Number of hosts available on a Class C Network – 510
Describe the TCP/IP communication process.
hosts using TCP must establish a TCP connection with each other before
they can exchange data
server’s OS delivers the raw data to TCP in a byte stream.
If data stream too large for lower-layer protocols, TCP
divides the stream into segments, adds sequence numbers, and passes each
segment to IP.
IP forms IP datagrams by adding source and destination
logical addresses to each segment.
Through ARP, the physical address of the destination or next
immediate device is determined and passed, with the IP datagrams, to the
Based upon the DataLink Layer chosen, several other steps
are performed until the DataLink frames reach the client device. When an
internetwork is involved, several additional IP encodings and decodings occur
with each hop to determine the next IP address in the route.
The client DataLink Layer receives the frames and passes its
data to the client IP.
The client IP discards the IP header and passes the IP
datagrams to the client TCP.
TCP acknowledges receipt of each datagram.
TCP combines the datagrams into one continuous byte stream
by examining the sequence numbers and reordering the segments.
The service requester’s application receives the same byte
stream that was submitted by the server’s OS, as if it were directly connected.
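Added example (not from the notes): the sequencing and reassembly step of the TCP exchange just described, in Python on a constructed byte stream. The segment size and initial sequence number are chosen for readability and are not values from the notes.

```python
import random

# Added worked example (not from the course notes): the sequencing and
# reassembly step of the TCP exchange, on a constructed byte stream.

MSS = 8   # segment size for this example only (real stacks use ~1460 bytes)


def segment(stream: bytes, isn: int, mss: int = MSS):
    """Split the byte stream into segments tagged with sequence numbers.
    TCP sequence numbers count bytes, starting from the initial sequence number."""
    return [(isn + offset, stream[offset:offset + mss])
            for offset in range(0, len(stream), mss)]


def reassemble(received, isn: int):
    """Receiver side: reorder by sequence number, drop duplicates, and rebuild
    the contiguous stream. Returns (stream, next_expected_seq, pending_seqs):
    next_expected_seq is the acknowledgement number the receiver would send,
    pending_seqs are segments held back because an earlier one is missing."""
    by_seq = {}
    for seq, payload in received:
        by_seq.setdefault(seq, payload)        # a duplicate segment is ignored
    stream = bytearray()
    expected = isn
    while expected in by_seq:                  # stop at the first gap
        payload = by_seq.pop(expected)
        stream += payload
        expected += len(payload)
    return bytes(stream), expected, sorted(by_seq)


def demo():
    """Server stream -> segments -> reordered and duplicated in transit
    -> client reassembly. Returns (identical?, ack_number, pending)."""
    data = b"hello, this is a byte stream from the server OS"   # constructed
    isn = 1000
    segments = segment(data, isn)
    in_transit = segments[:]
    random.Random(7).shuffle(in_transit)      # the network reorders them
    in_transit.append(segments[2])            # and delivers one twice
    stream, ack, pending = reassemble(in_transit, isn)
    return stream == data, ack, pending
```

When a segment is lost rather than reordered, `reassemble` stops at the gap and returns the sequence number it still expects, which is exactly the acknowledgement that prompts the sender to retransmit.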
Compare and contrast the IPv4 and IPv6 protocols.
IPv4 = established late 1960’s
a 32-bit address
ability to route traffic between an increasing number of networks and
a 20-byte header and has 12 required fields and 1 optional field
IPv6 = being developed and implemented to resolve
the shortcomings of IPv4
to address the current growth trends affecting TCP/IP-based networks.
one solution that will be deployed to deal with issues of addressing and
routing and addressing capabilities
support for options
and privacy capabilities
a 40-byte (fixed) header and has 8 fields of information
Migration Strategies from IPv4 to IPv6:
Stack – have both loaded/bound to NIC boards. Communicates
regardless of which stack is being used.
– Encapsulate IPv6 datagram inside IPv4 datagrams. Allows IPv6 to cross
over IPv4 network segments.
Translation – Software on routers connecting both network segments
strips headers and replaces them with one appropriate for the network segment
2 Types of IPv6 addresses can be embedded:
= understand IPv6
= do not understand IPv6
Describe utilizing private network addresses to overcome
the IPv4 address shortage.
10-Netting = using private network addresses
to overcome shortages
Addresses reserved for private networks are filtered out
by Internet routers and do not conflict with registered addresses.
Private Address Blocks
Class A = 10.0.0.0
Class B =
Class C = 192.168.0.0
10-netting by assigning hosts on the private, internal part of the network
an IP address and placing a router between the private internal network and
the public network (Internet).
interface on router assigned address from private network
interface on router assigned registered IP address.
runs network address translation (NAT) software, which translates
addresses when packets pass through from private to public network.
the 10.0.0.0 range selected, private network can have entire Class A
1 registered IP address is required for entire private network
is increased because entire private network appears to have only 1 IP
address on the public network.
Identify the role of TCP/IP ports.
assigned to a service running on an IP host
used to link incoming data to correct service
Divided into 3 Ranges:
Well-Known Ports = 0 - 1023
Registered Ports = 1024 – 49151
Dynamic or Private Ports = 49152 – 65535
Well-Known Ports are standard port numbers used by
Assigned by the IANA (Internet Assigned Numbers Authority)
and on most systems can only be used by system processes or by programs
executed by privileged users.
See chart, page 1-40 for Well-Known Port number
List sources of TCP/IP information.
of technical reports about the Internet
different aspects of computing, including new and revised protocols,
standards, procedures and programs.
documents of the Internet protocol suite (standards) by the IETF.
Registry for Internet Numbers
organization created to manage IP address space for assigned territories
to RIPE and APNIC, placed management of IP space under user control
(ISPs, corporate entities, colleges, and individuals)
Network Information Center
of 3 regional Internet Registries (IRs) of the IANA
the Asia-Pacific area
Internet resources, including IP addresses, autonomous systems (AS)
numbers, and domain delegations
Corporation for Assigned Names and Numbers
authority over all number spaces used in Internet
parts of the Internet address space to 3 regional IRs.
for managing Internet address, domain names, and protocol parameters
Engineering Task Force
dedicated to identifying problems on and proposing technical solutions
for the Internet
Network Information Center
of 3 regional IRs of the IANA
North America and handles Internet domain name registration
by Network Solutions, Inc. (NSI)
IP Européens Network Coordination Center
1 of 3 regional IRs of IANA
internet domain name registration for Europe.
Identify the purpose of the Internet Protocol (IP).
packet-switched networks (CATENET)
blocks of data, called datagrams, from sources to destinations. Sources
and destinations are hosts identified by fixed-length addresses.
also fragment and reassemble long datagrams, if necessary, for
transmission through small-packet networks
not provide end-to-end data reliability, flow control, sequencing, or
other services commonly found in host-to-host protocols.
on the services of its supporting networks to provide various types and
qualities of services.
Identify the fields that compose the IP header and the
function of each.
– indicates the format of the IP header
– (Internet Header Length) indicates the length of the IP header in
32-bit words, and
thus points to the beginning of data. The minimum value for a correct
header is 5.
Type of Service – specifies the treatment of the
datagram during its transmission
through the Internet system.
Total Length – length of datagram measured in
octets, including Internet Header
and data. This field allows the length of a datagram to be up to
octets (whether they arrive whole or in fragments.)
Identification – an identifying value assigned by
the sender to aid in assembling
the fragments of a datagram.
– identifies the amount a packet is fragmented.
Fragment Offset – indicates where in the datagram
this fragment belongs.
Time To Live (TTL) – indicates the maximum time the
datagram can remain in the
– indicates the next-level protocol used in the data portion of the IP
Header Checksum – displays a checksum of the header
Source Address – displays the source address of the
Destination Address – displays the destination
address of the datagram.
– displays options that might appear in datagrams.
Padding –used to ensure that the Internet header
ends on a 32-bit boundary.
the padding is zero.
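Added example (not from the notes): Python code that builds and parses a 20-byte IPv4 header laid out as the field list above describes, and verifies the Header Checksum the way a receiving host does. The addresses, lengths and protocol numbers used in it are constructed.

```python
import struct

# Added worked example (not from the course notes): build, parse and
# checksum a 20-byte IPv4 header (IHL = 5, no options).

HEADER_FMT = "!BBHHHBBH4s4s"   # version/IHL, TOS, total length, ID, flags+offset,
                                # TTL, protocol, checksum, source, destination


def ip_checksum(data: bytes) -> int:
    """RFC 791 header checksum: 16-bit one's complement of the one's-complement
    sum of all 16-bit words (the checksum field itself is taken as zero)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def dotted_to_bytes(dotted: str) -> bytes:
    return bytes(int(octet) for octet in dotted.split("."))


def build_header(src: str, dst: str, payload_len: int, protocol: int = 6,
                 ttl: int = 64, identification: int = 0,
                 dont_fragment: bool = True) -> bytes:
    """Minimal IPv4 header with a correct checksum."""
    ver_ihl = (4 << 4) | 5                          # version 4, 5 x 32-bit words
    total_len = 20 + payload_len
    flags_frag = 0x4000 if dont_fragment else 0     # DF bit; fragment offset 0
    header = struct.pack(HEADER_FMT, ver_ihl, 0, total_len, identification,
                         flags_frag, ttl, protocol, 0,
                         dotted_to_bytes(src), dotted_to_bytes(dst))
    checksum = ip_checksum(header)                  # computed with field = 0
    return header[:10] + struct.pack("!H", checksum) + header[12:]


def parse_header(raw: bytes) -> dict:
    """Decode the fixed fields, verify the checksum, and return option bytes."""
    if len(raw) < 20:
        raise ValueError("fewer than 20 bytes: not an IPv4 header")
    (ver_ihl, tos, total_len, identification, flags_frag, ttl, protocol,
     checksum, src, dst) = struct.unpack(HEADER_FMT, raw[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5:
        raise ValueError(f"bad version/IHL: {version}/{ihl}")
    header_len = ihl * 4                    # IHL counts 32-bit words
    if len(raw) < header_len:
        raise ValueError("header truncated (IHL claims more bytes than present)")
    header = raw[:header_len]
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return {
        "version": version,
        "ihl": ihl,
        "type_of_service": tos,
        "total_length": total_len,
        "identification": identification,
        "flags": {"DF": bool(flags_frag & 0x4000), "MF": bool(flags_frag & 0x2000)},
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # stored in 8-byte units
        "ttl": ttl,
        "protocol": protocol,
        "header_checksum": checksum,
        "checksum_valid": ip_checksum(zeroed) == checksum,
        "source": ".".join(str(b) for b in src),
        "destination": ".".join(str(b) for b in dst),
        "options": header[20:],             # padded to a 32-bit boundary by IHL
    }
```

Because TTL is covered by the checksum, every router that decrements it must recompute the Header Checksum; a header whose TTL changed without that recomputation fails `checksum_valid` and is discarded by the receiver.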
IP provides 2 basic functions:
IP uses the addresses carried in the header to transmit
datagrams to their destination.
IP uses fields in the header to fragment and reassemble
Internet datagrams for transmission through small-packet networks.
4 Key features in providing its services:
the quality of the service wanted.
of service provides a generalized set of parameters that characterize
the service choices provided in the network that make up the Internet
an upper boundary on the lifetime of an Internet datagram
is set by the sender of the datagram and reduced at the points along
the route where it is processed
be thought of as a self-destruct time limit.
control functions that might be useful in some situations but that are
unnecessary for the most common communication
include functions for time stamps, security, and special routing.
that the information used in processing the Internet datagram has been
Identify the purpose of Transmission Control Protocol
reliable Host-to-Host protocol in packet-switched networks and
process-to-process communications in multi-network environments
between user or application processes and a lower-level protocol such as
a set of calls for manipulating data.
also communicate with application programs asynchronously.
to work in a very general environment of interconnected networks
Identify the purpose of User Datagram Protocol (UDP).
a datagram mode of packet-switching in an internetwork
that IP is used as the underlying protocol
application programs to send messages to other programs with a minimum
of protocol mechanism.
transaction oriented; duplicate and delivery protection are not
a minimal transport service (non-guaranteed datagram delivery) and gives
applications direct access to the datagram service of the IP layer.
only services UDP provides over IP are checksumming of data and
multiplexing by port number.
not maintain end-to-end connection with the remote UDP module; it only
pushes the datagram out on the network and accepts incoming datagrams
off the network.
by applications that do not require the level of service provided by TCP or
applications that want to use communications services (such as multicast
or broadcast delivery) not available from TCP.
(Network File System) and SNMP (Simple Network Management Protocol) use
service is little more than an interface to IP.
for reliable delivery
of 2 main protocols that reside on top of IP
Identify the purpose of Internet Control Message
Protocol (ICMP) and the types of ICMP messages.
layered on IP, ICMP is a control protocol that is an integral part of
error reporting, congestion reporting, and first-hop gateway redirection
messages are grouped into 2 classes:
an ICMP message of unknown type is received, it is silently discarded.
Identify the purpose of Internet Group Management
by hosts and gateways on a single network to establish hosts’ membership
in particular multicast groups
use this information with a multicast routing protocol to support IP
multicasting across the Internet.
of IGMP is optional
host can still participate in multicasting local to its connected
networks without IGMP.
Identify the purpose of Network Time Protocol (NTP).
a set of network clocks using a set of distributed clients and servers.
built on the UDP, which provides a connectionless transport mechanism.
the precision and estimated error of both the local clock and reference
clock it might be synchronized to.
to connect a few primary reference clocks to centrally accessible
resources such as gateways.
information that can be used to organize this hierarchy on the basis of
precision or estimated error.
Describe TELNET and identify its purpose.
a remote login capability on TCP. The operation and appearance is
similar to keyboard dialing through a telephone switch.
an old application and has widespread interoperability.
of TELNET usually work between different operating systems
TCP/IP’s virtual terminal protocol
a user from one host to log in to another host while appearing to be
directly attached to the terminal at the remote system. This is TCP/IP's
definition of a virtual terminal.
use TELNET to access a remote client and provide the same functionality
as local client software. Can do this by specifying a port number with
the TELNET command.
Describe Hypertext Transport Protocol (HTTP) and
identify its purpose.
basic hypermedia access to resources available from diverse applications
an application-level protocol that can be used to transport, retrieve,
search for, update, and annotate information that is distributed and
collaborative, and that includes hypermedia.
an open-ended set of methods and headers that indicate the purpose of a
based on the Uniform Resource Identifier (URI).
a Uniform Resource Locator (URL) or Uniform Resource Name (URN) to
indicate the resource that a process should be applied to.
used as a generic protocol for communication between user agents and
proxies or gateways to other Internet systems, including those supported
by the SMTP, NNTP, FTP, Gopher, and WAIS protocols.
Identify the purpose of File Transfer Protocol (FTP) and
the functionality of some FTP commands.
and powerful TCP/IP utility for the general user.
you to upload and download files between local and remote hosts.
available at file archive sites to allow users to access files without
having to pre-establish an account at the remote host.
HELP ? =
used to obtain a list of available FTP commands and help topics
used to specify the file type when you transfer a binary or executable
used to see a directory listing of the files in the current directory
see what directory you are in
GET, QUIT, CLOSE, OPEN, and PUT (or SEND)
Identify the purpose of Trivial File Transfer Protocol
protocol used to transfer files
on top of the Internet UDP and is used to move files between machines on
different networks implementing UDP.
to be small and easy to implement.
most of the features of a regular FTP.
services it provides are reading and writing files and sending mail to
and from a remote server.
8-bit bytes of data, cannot list directories or provide user
3 modes of transfer:
caused by 3 types of events:
being able to satisfy the request
a packet that cannot be explained by a delay or duplication in the
access to a necessary resource
Describe TFTP operation.
transfer begins with a request to read or write a file.
the server grants the request, the connection is opened and the file is sent.
divided into packets.
packet gets lost, the intended receiver times out and retransmits its last
packet; the sender of the lost packet retransmits the lost packet.
keeps 1 packet on hand for retransmission.
Match the TCP/IP protocols with their definitions.
List sources of TCP/IP security information.
Emergency Response Team
part of the Survivable Systems Initiative at the Software Engineering Institute
advisories addressing current security threats and ways to counteract
Security Resource Clearinghouse
information or network security issues
Incident Advisory Capability
for protecting DOE computer networks
Identify the purpose of firewalls.
to create a system that prevents unauthorized users from accessing
a combination of hardware and software that reduces the risk of a
security breach into a private TCP/IP network
security for services, such as email
firewall between the private network and the Internet, or between
private network segments, enforces corporate security and access control
helps regulate the type of traffic that can access the private network
and provides information about that traffic to the Administrator.
Identify the types of firewalls and features of each.
type of firewall, uses only the packet-filtering capability to control
and monitor network traffic that passes through the border.
block traffic between networks or to and from specific hosts on an IP
private network on the Internet
is point of contact for incoming traffic from the Internet
as a proxy server to allow internal network clients access to external
few services – email, FTP, DNS, or Web Services
not require authentication
not store any sensitive data
of Bastion Host and Screening Routers
security by using Internet access to deny or permit certain traffic from
the Bastion Host.
stop for traffic, which can continue only if the Screening Router lets
on a server with at least 2 network interfaces.
acts as a router between the network and the interfaces to which it is
blocks direct traffic between the private network and the Internet
of Screened Host.
screened subnetting, the Bastion Host is placed on its own subnetwork.
screening routers used to do this:
1 between the subnet and the private network and the other
between the subnet and the Internet.
elements of a Screening Router and a Screened Host; thereby overcoming
the limitations of each.
is centered on the screening routers by using interfaces for the
Internet, the private network, and the subnets that contain the Bastion
Hosts and application servers.
Describe encryption and its role in a TCP/IP network.
a network because information sent over a TCP/IP internetwork can pass
through numerous other routers and hosts before it reaches its
Three (3) Encryption Issues:
– pretending “spoofing”
Secure Socket Layer (SSL) provides safeguard against
Transforms information so it cannot be decrypted or read
by anyone but the intended recipient.
Ciphertext – disguised information
Symmetric Encryption – like a combination lock; anyone who
uncovers the code can access it
Describe denial of service attacks and how to defend
DoS = most threatening security flaw
DoS attack is an assault that floods a network with so much
traffic that normal network activities are slowed dramatically or stopped
Usually does not corrupt network file systems
Three (3) groups of attacks:
a weakness in a specific TCP/IP stack
a weakness in the TCP/IP standard itself
excess traffic on a network
Flood – known as “Pepsi”
of all packets being transmitted on a network
be used for a variety of purposes using a number of different tools
Describe routing fundamentals.
IP is the portion of TCP/IP that provides addressing and
connectionless services for packet forwarding.
It also provides packet-switching services.
of networks administered as a whole system by a single authority.
protocol that manages routing information within an Autonomous System
Systems are interconnected using an Exterior Gateway Protocol
interdomain routing protocol
Describe Routing Information Protocol (RIP)
to provide consistent routing and reachability information between PCs
on a LAN
small networks, RIP uses very little bandwidth and configuration and
easy to implement
hosts and gateways to exchange info for computing routes through an
host using RIP should have interfaces to one or more networks. These
networks are referred to as Directly Connected Networks
on access to certain information about each of these networks. The most
important information about a network is its metric cost.
metric cost is between 1 and 15.
16 is considered unreachable.
the TCP/IP suite's distance vector routing protocol.
of time it takes for routers to synchronize their databases when change
occurs to network
– slow convergence
horizon – decreases the amount of RIP traffic on network, but increases
reverse – all routes learned from network are advertised back to same
network with cost of 16.
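Added example (not from the notes): a small Python distance-vector simulation showing RIP's metric limit (16 = unreachable), how many exchange rounds convergence takes, and the difference between split horizon and poison reverse in what a router advertises back to the neighbour it learned a route from. Router and network names are constructed, and the update rule is a simplified RIP without timers.

```python
# Added worked example (not from the course notes): distance-vector routing
# with RIP's metric rules, split horizon and poison reverse.

INFINITY = 16   # RIP metric that means "unreachable"


class RipRouter:
    def __init__(self, name: str, directly_connected):
        self.name = name
        # routing table: network -> (metric, next hop); directly connected = 1 hop
        self.table = {net: (1, None) for net in directly_connected}

    def advertisement(self, neighbor: str, split_horizon=True,
                      poison_reverse=False) -> dict:
        """Distance vector sent to one neighbor.
        split horizon: omit routes learned from that neighbor;
        poison reverse: advertise them back with metric 16 instead."""
        adv = {}
        for net, (metric, next_hop) in self.table.items():
            if next_hop == neighbor:
                if poison_reverse:
                    adv[net] = INFINITY
                elif not split_horizon:
                    adv[net] = metric
                continue
            adv[net] = metric
        return adv

    def receive(self, neighbor: str, adv: dict) -> bool:
        """Bellman-Ford update: accept a better path, or any change reported
        by the current next hop. Returns True if the table changed."""
        changed = False
        for net, metric in adv.items():
            new_metric = min(metric + 1, INFINITY)
            current = self.table.get(net)
            if current is None:
                if new_metric < INFINITY:
                    self.table[net] = (new_metric, neighbor)
                    changed = True
            elif new_metric < current[0] or (current[1] == neighbor
                                             and new_metric != current[0]):
                self.table[net] = (new_metric, neighbor)
                changed = True
        return changed

    def withdraw(self, net: str):
        """A directly connected network went down: mark it unreachable."""
        self.table[net] = (INFINITY, None)

    def reachable(self, net: str) -> bool:
        entry = self.table.get(net)
        return entry is not None and entry[0] < INFINITY


def converge(routers: dict, links, **options) -> int:
    """Exchange vectors over every link until a full round changes nothing.
    Returns the number of rounds taken (the convergence time)."""
    rounds = 0
    while True:
        rounds += 1
        changed = False
        for a, b in links:
            adv_ab = routers[a].advertisement(b, **options)
            adv_ba = routers[b].advertisement(a, **options)
            changed |= routers[b].receive(a, adv_ab)
            changed |= routers[a].receive(b, adv_ba)
        if not changed:
            return rounds


def demo_topology():
    """A -- B -- C with a stub network on each end (constructed names)."""
    routers = {
        "A": RipRouter("A", ["NET_A", "LINK_AB"]),
        "B": RipRouter("B", ["LINK_AB", "LINK_BC"]),
        "C": RipRouter("C", ["LINK_BC", "NET_C"]),
    }
    links = [("A", "B"), ("B", "C")]
    return routers, links
```

Withdrawing NET_C on router C and converging again propagates metric 16 back to A, which is how a distance-vector network learns that a destination is gone; with poison reverse, B's advertisement to A carries NET_A explicitly at 16 instead of simply leaving it out.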
Describe the Open Shortest Path First (OSPF) protocol.
State protocol most commonly used on IP internetworks
for establishing and maintaining neighbor relationships, or adjacencies,
between routers connected to the same segment
Hello Packet = each router advertising itself sends
periodic multicast hello packets
Flooding = when router detects changes, it distributes new
information to all routers
neighboring OSPF routers
link state advertisement databases
Systems – group of routers that exchange routing information using common
routing protocols in a single administrative unit
System Border Router (ASBR) – router that exchanges routing information
with routers belonging to other AS systems.
– small/medium networks
– logical area where areas are connected. Address always 0.0.0.0.
Area – only one Area Border Router (ABR) is defined
Area – areas containing more than one ABR
Describe Exterior Gateway Protocol (EGP) and Border
Gateway Protocol (BGP).
Gateways Protocol supported by software
information between different Autonomous Systems
used only when connecting different companies or commercial services
routers are called external routers
or interior neighbors
support a looped topology
only advertise one route to a given network
to switch to an alternate route if the primary route fails
an inter-AS routing protocol that exchanges network reachability
information with other BGP speakers
support any policy conforming to the hop-by-hop routing paradigm
should allow an AS to:
announcements of the BGP learned routes to adjacent ASs
a particular path to a destination
routes with certain ASs in the AS_PATH path attribute
Describe other routing configurations.
Static Routing Configuration
a means of explicitly defining the next hop from a router for a particular
specific to a given routing protocol that can input the route
Directed Broadcast Forwarding
a remote system to send a single packet that will be broadcast on the network.
Compare RIP and OSPF.
OSPF considered superior to RIP for
for large networks
Identify TCP/IP network design criteria.
up in a diagram in the form of a logical network topology
design for hardware, connectivity, and services
also take into account communications, functions, and security
unique to IP protocol
as a vehicle for planning ahead before setting up an IP network
evaluating an existing network, so you can avoid problems and
you to ensure that your IP network will have:
appropriate level of network security
network access, if necessary
Parts of an IP Network Design
contain diagrams indicating placement of servers, DHCP servers,
workstations, printers, cabling, switches, hubs, and routers
connected to Internet, include firewalls, web servers, and DNS servers
IP addressing scheme must also be indicated on design
A Design Approach
concern is the business needs the network is being built on
Identify IP address management issues when planning a
Assigning a Static IP Address
stays with the same node
preferred when a node is a router or server or another service-providing
extra level of control over address management
used in local network level
contain routing table explosion due to excess Class C networks
Host Name Management
necessary to manage distribution of domain names and static host files
functions and reduced administrative workload:
Automatic allocation – assigns permanent address to host
Dynamic allocation – leased IP address assigned to node for limit of time
Manual allocation – host address manually configured by Network Administrator
included in design:
Primary Name Server – maintains data for the zone it has authority over and
answers queries for data.
Secondary Name Server – does not maintain data for zone, but copies data from
Primary Server at startup, and gets updates.
Identify network design considerations involving routers.
Incorporate if you:
Need to connect dissimilar networks
topology or IP network address are connected via router. If not, use a
Can Improve your design with routing
should be modular in design to allow scalability, performance, and
comprised of smaller networks connected by routers
Can use routing to satisfy security needs
use routers to filter unwelcome traffic
check functions done at Network Layer
Need to connect networks over a WAN
you have LANs distantly located away from central corporate
only be connected over a WAN link through a router
Distance Vector Protocol
with RIP/RIP II
own routing table; broadcasts to neighbors
lower-cost path (hops)
Link State Protocol
exchanges new information with routers
to implement on larger internetworks
Identify scalability issues when planning a network
around users and types of things they need to be able to do
your network as a collection of small and medium networks
you plan to assign addresses on your network
Public & Private Networks
– presents one IP address to the worldwide
– world cannot see IP address
a Class A Network address
16+ million addresses
for private use
outbound traffic from host on private network by removing source IP
address and replacing it with an official address that is permitted on
traffic goes through reverse process
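Added example (not from the notes) serving both the 10-netting/NAT description earlier and the public/private network notes above: a Python check for the address blocks reserved for private networks and a simulated NAT translation table that rewrites outbound source addresses and reverses the process on inbound traffic. All addresses are constructed (the 203.0.113.0/24 and 198.51.100.0/24 documentation ranges stand in for registered public addresses), and the port-allocation scheme is a simplification of what real NAT software does.

```python
import ipaddress

# Added worked example (not from the course notes): identify private
# addresses and simulate the source-address rewriting a NAT router does.
# Constructed addresses only.

PRIVATE_BLOCKS = [ipaddress.ip_network(block) for block in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip: str) -> bool:
    """True if ip falls in one of the address blocks reserved for private networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in block for block in PRIVATE_BLOCKS)


class NatRouter:
    """One registered address on the public interface; a translation table that
    maps each (private address, port) flow to a unique public-side port."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        if is_private(public_ip):
            raise ValueError("public interface needs a non-private address")
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound_map = {}   # (private_ip, private_port) -> public_port
        self.inbound_map = {}    # public_port -> (private_ip, private_port)

    def outbound(self, pkt: dict) -> dict:
        """Private -> public: replace the private source with the public address."""
        if not is_private(pkt["src"]):
            raise ValueError(f"{pkt['src']} did not come from the private network")
        key = (pkt["src"], pkt["sport"])
        if key not in self.outbound_map:           # new flow: allocate a port
            port = self.next_port
            self.next_port += 1
            self.outbound_map[key] = port
            self.inbound_map[port] = key
        return {**pkt, "src": self.public_ip, "sport": self.outbound_map[key]}

    def inbound(self, pkt: dict):
        """Public -> private: the reverse process. Packets with no matching
        translation entry (unsolicited inbound traffic) are dropped (None)."""
        key = self.inbound_map.get(pkt["dport"])
        if pkt["dst"] != self.public_ip or key is None:
            return None
        return {**pkt, "dst": key[0], "dport": key[1]}
```

From the outside every flow appears to come from the single public address, which is the security effect the notes describe; the flip side is that inbound packets with no table entry cannot be delivered, so servers inside the private network need explicit (static) mappings.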
Identify network management issues involved with planning a network design.
 purpose of creating a network design before creating the network is avoiding network traffic congestion, often blamed on limited bandwidth
 using Top-Down design approach and a Modular Topology, you can
High Availability & Reliability
 include both physical and logical redundancy in your design
 costly to provide because it requires redundant hardware (routers and switches) and redundant connectivity.
 a backbone with redundant switches and connections.
 by using an appropriate routing protocol with re-routing capability
 in STAR or MESH topology
Identify remote network access methods.
Three (3) basic types:
-Remote Application – package that has remote access support built-in
-Remote Control – uses remote (offsite) PC as a long-distance clone of a PC or host in the office; applications appear to be running on remote PC, but actually executing on the office PC, with keyboard and screen updates being sent over phone lines
-Remote Node – PC becomes a workstation on the network, connected over a phone line by modem rather than NIC card.
Comparison of remote application, remote control and remote node:
Method              Advantages                       Disadvantages
Remote Application  Simple; Cost                     Limited to communications within the
Remote Control      Good performance with many apps  High cost; limited security features
Remote Node         Cost effective; Scalable         Poor performance with data-intensive applications
Identify the symptoms and causes of various TCP/IP
 to resolve MAC address problems
  values interpreted incorrectly
 to resolve processes using DNS servers
  server down or unreachable
  entries in DNS Host Table
 components in creating dynamically configured TCP/IP network
  Windows 95 specific address-caching issues
 SLP – service location through User Agents (UA), Service Agents (SA), and Directory Agents (DA)
  Identified Directory Agents
 system used in IP networks
  cannot be established
  client cannot initialize on the network
  are lost or unavailable
  is wasted on unnecessary or misdirected traffic
  Time to Live (TTL) Faults
 a cross-platform time synchronization system with a Primary Server synchronized to UTC via Global Positioning Service (GPS) receiver.
  cannot be established
  is out of synchronization
 NAT – allows you to maintain separate set of addresses and translate between those addresses when accessing the Internet
  Private Clients are Isolated
   communicate with NAT router
   cannot communicate with public network
   is not default gateway for the client
  Device Is Inaccessible
  Network Services are Inaccessible
 Security Problems – protocols in TCP/IP suite are open because of their trusting, unsecured, and unencrypted nature
  modification and replay
 Mixed Environment Problems
  filtering drop-packets with destination port or address trouble
List the steps for TCP/IP error resolution.
Step 1 – Examine the communication process
Step 2 – Identify the possible points of failure
Step 3 – Develop a plan of action
Step 4 – Test your solution
Step 5 – Record your solution
Identify the purpose and functionality of
 gather information about the network configuration, status of communications and links within an internetwork
 – general TCP/IP stack configuration and performance statistics
 – end-to-end connectivity test (menu-driven)
 – end-to-end connectivity test (command line)
 – trace route path test
 – communication dumps/recordings
Windows 95/98 & NT Tools
 tools used to isolate problems on network
 WINIPCFG – local configuration information; enables refresh of IP address or
 IPCONFIG – NT equivalent of WINIPCFG, same functions
 PING – used to query another IP device
 ROUTE – looks at client route tables to determine how to route packets to a
 ARP – view local device's ARP cache; used to force broadcast to resolve
 TRACE ROUTE (TRACERT) – determine path packet takes to get from A to B
 NETSTAT – detail list of current protocol operations for TCP/IP connections
Unix & Linux Tools
 – command-line tool for monitoring network traffic.
 TRACEROUTE – trace and print the route the packets travel from source to
 ARPWATCH and ARPSNMP – monitor Ethernet or FDDI network traffic and build databases of Ethernet/IP address pairs
 – for querying DNS name servers to find out information on Internet
 PING – ICMP echo test
 WHOIS – query remote server database of domain or IP address registries
 – query remote DNS server for DNS registry information
 DIG (Domain Internet Groper) – send domain name query packets to any DNS name server in the Internet
 – used to obtain interface information such as packets received, packets sent, MTU, and metric
Protocol analyzers – pull packets off the cabling system and display conversations and individual packets in a readable format
 1 – access the network
 2 – capture the traffic
 3 – view the captured traffic
 4 – filter out and view just the needed traffic
 5 – document findings
 and alarm thresholds
of Protocol Analysis
 Stand Alone – capture packets that cross wire to which analyzer connected
 – captures packets on remote networks
 Hardware and Software – LZFW, Sniffer Basic, ManageWise, Sniffer Pro
 Placement – hubbed or bridged networks, routed, or WAN links, Switched (includes hubout, analyzer agents, and port scanning or mirroring)
 ToolKits – AGNet Tools, NPS NetScanTools Pro 2000
 Tools – Top MAC pairs, top senders/receivers; utilization, datalink errors; Token Rotation Time; response time, routing traffic efficiency; signal attenuation, crosstalk, cable lengths, cable faults
Troubleshoot TCP/IP protocol errors
 the URL, i.e., www.iana.org. Results: successful
 to www.iana.org. Results: successful
 NSLOOKUP to obtain the IP address for www.iana.org. Results: 126.96.36.199
 188.8.131.52. Results: HTTP port 80 is not active on the host.
 You might need to use a variety of tools to isolate TCP/IP problems.
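The layered check used in the walkthrough above (resolve the name, confirm the host answers, then test whether the HTTP port is active), as an added example that is not from the study guide. The function names, the injectable probe parameters and the constructed results used to exercise it offline are assumptions; the default probes use the Python standard library and the system ping command.

```python
"""Added example, not from the study guide: the troubleshooting sequence
(resolve the name, test reachability, then test the HTTP port) as a function
that stops at the first failing step and reports which one. The probe
functions are parameters so the logic can be run offline with constructed
results; the default probes use the standard library and the system ping."""
import socket
import subprocess


def resolve_name(host):
    """DNS step: return the address or None if resolution fails."""
    try:
        return socket.gethostbyname(host)
    except socket.gaierror:
        return None


def icmp_echo(ip):
    """IP reachability step via the system ping command (one echo request)."""
    result = subprocess.run(["ping", "-c", "1", ip], capture_output=True)
    return result.returncode == 0


def tcp_port_open(ip, port):
    """Service step: can a TCP connection be completed to the port?"""
    try:
        with socket.create_connection((ip, port), timeout=3):
            return True
    except OSError:
        return False


def diagnose(host, port=80, resolve=resolve_name, ping=icmp_echo, connect=tcp_port_open):
    """Return (failed_step, message); failed_step is 'ok' when every step passes."""
    ip = resolve(host)
    if ip is None:
        return "dns", f"cannot resolve {host}: check DNS server reachability or host table entries"
    if not ping(ip):
        return "ip", f"{ip} gives no ICMP echo reply: check routing, default gateway or filtering"
    if not connect(ip, port):
        return "service", f"{ip} is reachable but port {port} is not active on the host"
    return "ok", f"{host} ({ip}) answers on port {port}"


if __name__ == "__main__":
    print(diagnose("www.iana.org"))   # live run; needs network access
```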