Posted on by Glenn

Network+ : TCP/IP Basics

  1. Network+ Certification (N10-007): Syllabus
  2. Network+ : Introductions and Resources
  3. Network+ : Network Models
  4. Network+: Cabling
  5. Network+ : Topologies
  6. Network+ : Ethernet Basics
  7. Network+ : Contemporary Ethernet
  8. Network+ : Installing a Physical Network
  9. Network+ : Booting and Getting On the Network
  10. Network+ : TCP/IP Basics
  11. Network+ : Subnetting
  12. Network+: Routing Protocols
  13. Network+ : Routing and Firewalls
  14. Network+ : TCP/IP Ports and Applications
  15. Network+ : Network Naming and Sharing Resources
  16. Network+ : Secure Networking
  17. Network+ : Advanced Networking Devices
  18. Network+ : IPv6
  19. Network+ : Remote Connectivity
  20. Network+ : WiFi
  21. Network+ : Virtualization
  22. Network+ : Mobile Networking
  23. Network+ : Building a Real-World Network
  24. Network+ : Managing Risk
  25. Network+ : Protecting Your Network
  26. Network+ : Network Monitoring
  27. Network+ : Network Troubleshooting
  28. Network+: Network Monitoring

Unit 10

Chapter 6

Info
Now is a good time to get and start using Wireshark (formerly Ethereal)…
https://www.wireshark.org/download.html
… and learn to use it
https://web.archive.org/web/20190331203815/http://www.linux-mag.com/id/7896/2/

Network Commands

arp   #  (Linux and Windows)

ping   # (Linux and Windows)

ipconfig # (Windows)

ifconfig # (old Linux command; deprecated)

ip # (new Linux command)

iwconfig # (Linux wifi)

nslookup  # (Linux and Windows)

dig # (Linux native, Windows installable)

traceroute # (Linux)

tracert # (Windows)

net  #  (Windows)

netstat # (Windows and Linux)

nbtstat # (Windows)

netsh  #  (Windows)

WAN Networking

DoD DARPA -> ARPA -> DARPA

DARPANET

80% model

TCP/IP Model (DoD Model)

The TCP/IP Model and the OSI Model

OSI Model and DoD / TCP/IP Model
OSI Model and DoD / TCP/IP Model

The OSI Model

ISO created the Open Systems Interconnect Model – the OSI Model

OSI and DOD Models
OSI and DOD Models

IP Networking

This is the addressing layer of the stack, obviously IP addresses. But there’s a little more to it.

        • IPv4
        • IPv6
        • IPsec
        • ICMP

IPv4 Addresses

      • Are 32 bits long
      • Are expressed in Decimal (Base 10, not Hexadecimal like MAC addresses)
      • Are grouped in four groups separated by dots:

192.168.1.25

      • Each group is called an “octet” because it consists of 8 bits.
      • 8 bits can express any number from 0 – 255.

IPv4 addresses (external addresses that can be routed over the internet) are doled out by IANA (see https://www.iana.org/), as are port numbers. They were originally divided into Classes A, B, C, D and E.

These classes are all about the first octet of an IP address. So in an address like

107.180.0.194

only the 107 matters.

Class First Octet Number of addresses per Network
A 0 – 126 16.7 Million
(loopback) 127
B 128 – 191 65,534
C 192 – 223 254
D 224 – 239
E 240 – 255

Not that you should take my word for it. See these authorities:

https://www.tutorialspoint.com/ipv4/ipv4_address_classes.htm

https://www.meridianoutpost.com/resources/articles/IP-classes.php

Now For Some Simple Binary

Here’s one octet of an IPv4 address:

 0 0 0 0 0 0 0 0

Any one of the bits can be flipped from 0 to 1. The Least Significant Bit (a fancy term for the smallest number) is on the right, and the Most Significant Bit is (duh) on the left. That means these 8 bits have the following values:

1 1 1 1 1 1 1 1
128 64 32 16 8 4 2 1

See how each value is two times the value to its left? What we’ve got here, for us non-math-majors, is Powers of Two. And boy are we gonna take advantage of this little table.

Be clear that any octet can express values from 0 to 255, but nothing else.

Info
When you’re taking the actual exam, I suggest writing this on your notes board before you even start.

Now we can see something interesting about the IP address classes above.

Class A starts at 0, so its first octet is 00000000

Class B starts at 128, so its first octet is 10000000

Class C starts at 192, so its first octet is 11000000

Class D starts at 224, so its first octet is 11100000

Class E starts at 240, so its first octet is 11110000

(And Universal Broadcast is 255.255.255.255, so its first octet is 11111111, just FYI)

Handy the way they divided the classes, isn’t it?

Info
In the beginning of IP networking, you could not subdivide these networks! You had three and only three choices of network size – and the first octet of the IP address determined that size.

Getting Your Network Configuration From DHCP

Dynamic Host Configuration Protocol gives you:

        • IP address
        • Net mask (or “subnet mask”)
        • Default gateway
        • DNS server IPs

This protocol uses UDP ports 67 and 68. The transaction HAS to be UDP, because your computer can’t set up a TCP session: it doesn’t have an IP address yet!

Many years ago, ports 67 and 68 were used by a similar protocol called bootp, the boot protocol. In this operation, a diskless workstation would broadcast to port 67, and the bootp protocol would then upload an OS image via TFPT (trivial FTP) over port 69. TFTP should not be running on your network. It is a security risk.

APIPA Addresses

Most hosts get an IP address assigned to them by a DHCP server. But if that server is down, hosts won’t have a way to get onto the local network.

Microsoft solved this with a “fall-back” protocol: APIPA. It lets hosts self-assign an IP address in a special range:

169.254.x.x

So if you do an ipconfig and see a host has a 168.254.x.x IP address, that means it failed to get a DHCP assignment. This is a critical testing point.

Broadcast Addresses

At boot time, when your NIC BIOS is read and run,

    1. Your NIC broadcasts to the Ethernet broadcast address, ff:ff:ff:ff:ff:ff, to get noticed by the switch it’s plugged into.
    2. If you’re using NetBIOS, the local Browse Master computer will register A your computer’s NetBIOS name on the local (Ethernet) network.
    3. If you’re using DHCP, your NIC broadcasts to the IP universal broadcast IP address, 255.255.255.255. The DHCP server gives your computer an IP configuration, and now you’re ready to talk to computers on other networks.

Part of your IP configuration is, of course, your local network number, for instance 192.168.1.0. Notice that the last octet of this network number is 8 zeroes. If we switch all 8 bits of the Host ID area to ones, we have the broadcast address of our local network:

192.168.1.255

Info
An IP address with all zeroes in the Host ID space is a Network Number.

 

Info
An IP address with all ones in the Host ID space is a Broadcast Address.

Net Mask / Subnet Mask

I don’t like the term “subnet mask” because it leads to confusing conversations like,
“What’s the subnet?”
“192.168.1”
“No, the one with the 255s.”
“Oh, 255.255.255.0”

However, Cisco, CompTIA, my friend SubnetD and more will confirm: Subnet Mask is a correct term. But so is Net Mask, and that’s what I try to use.

Classless Net Masks: Classless Inter-Domain Routing (CIDR)

Instead of expressing a 24-bit net mask as 255.255.255.0, express the number of bits directly: /24.

This makes a network number look like this:

192.168.1.0/24

It also allows us to break the network up into smaller pieces:

192.168.64.0/26

Which is called Subnetting.