Network + Chapter 7

Assign IP addressing

Each node needs an IP address to communicate on a TCP/IP network. An administrator can manually assign these IP addresses, or assignment can be done automatically without manual intervention.

TCP/IP

You can assign IP address information statically to nodes by manually entering IP addressing information on each individual network node. You can also assign IP addresses dynamically, by using the Dynamic Host Configuration Protocol (DHCP) service.

Static IP Address Assignment

Requires that an administrator visit each node to manually enter IP address information for that node. If a node moves to a different subnet, the administrator must manually reconfigure the node's TCP/IP information for its new network location. Static addre

DHCP Dynamic Host Configuration Protocol

Is a network service that automatically assigns IP addresses and other TCP/IP configuration information on network nodes configured as DHCP clients. Server allocates IP addresses to DHCP clients dynamically. Should be configured with at least one DHCP sco

DHCPv6

Is a network protocol for configuring IPv6 hosts with IP addresses, IP prefixes and other configuration data required to operate in an IPv6 network. It is the IPv6 equivalent of DHCP for IPv4 networks. May automatically generate IP addresses internally us

DHCP options

Enable you to configure specific values such as the address of the default gateway, the DNS server, the domain name suffix of the interface, and other IP-related information, relieving the administrator from having to manually configure

Global options: Globally for all DHCP servers and their clients
Scope options: To clients that obtain leases within a particular scope
Class options: To clients that specify a class when obtaining a scope lease
Reserved client options: To any client with a scope reservation for its IP address

DHCP Reservation

Lease assignments in DHCP that enable you to configure a permanent IP address for a particular client on the subnet, based on the client's media access control (MAC) address. Reserved IP addresses differ from statically configured IP addresses; when there a

DHCP Lease Process

1) Discover: once a node comes online and loads a simple version of TCP/IP and it's ready to communicate with a DHCP server, it transmits a broadcast called a DHCP discover to the network's broadcast address of 255.255.255.255 to see if any DHCP servers a

BOOTP (The Bootstrap Protocol)

The predecessor of DHCP. Developed to assign IP addresses to diskless workstations that had no way of storing their operating system.

DHCP Relay Agent

Is a service that captures a BOOTP or DHCP broadcast and forwards it through the router as a unicast transmission to the DHCP server on another subnet. Uses a local broadcast that cannot be sent through routers on the network. You must either have a DHCP

IP Address Recovery

DHCP server can recover addresses leased to offline clients that no longer need the addresses.

APIPA Automatic Private IP Address.

A service that enables a DHCP client device to configure itself automatically with an IP address in the range of 169.254.0.1 to 169.254.255.254, in case no DHCP servers respond to the client's DHCP discover broadcast. DHCP failure, when the clients on th

APIPA Support

Available on client systems including: Windows 7 and Windows 8 and server operating systems including: Windows 2008, Windows 2008 R2, Windows 2012 and Windows 2012 R2 as well as Macintosh. Requires no administrative configuration. Used for small offices wh

ipconfig

Displays connection-specific DNS suffix, IP address, subnet mask and default gateway information. Also use ipconfig /all

ifconfig

Display the status of currently active network interface devices. Using options, you can dynamically change the status of the interfaces and their IP address. Supported on Linux and UNIX

dhclient

Enables you to configure and manage DHCP settings on the network interfaces of a computer. Supported on Linux and UNIX

NOTE

You can manually release and renew a DHCP lease in Linux by issuing the following command at a command prompt: sudo dhclient -v -r

ipconfig /release

Forces the release of an IP address used by a client.

ipconfig /renew

Requests the renewal of an IP address for a client.

ping

Command is used to verify the network connectivity of a device, and also to check to see if the target device is active. Verifies the IP address, host name, and reachability of the remote device by using and listening for echo replies. Ping uses ICMP to

Packet Size- by default, data packets are sent as 32 bytes. You can specify a larger size to test response time, the maximum size being 65,500 bytes. To change the packet size, use the -l option followed by the packet length

ping target [-l size]

TTL- a value that determines how many hops an IP packet can traverse before being discarded. Each hop is a router that was crossed.

ping target [-i TTL]

Packet count- Specifies the number of packets with which a remote host is pinged. The default is four packets. You can specify a higher number of packets with the -n option.

ping target [-n packet count]

Continuous ping- Pings the specified host until the command is interrupted by pressing Ctrl+C

ping target -t

IPv6- ping using IPv6

ping target -6

ICMP Blocking

Some public Internet hosts and routers might be configured to block incoming packets that are generated by the ping command. Might also block packets from other TCP/IP diagnostic utilities such as the tracert command

Ports

Is a number that represents a process running on a network. Associated with OSI Layer 5, but in every packet, there will be both a source and destination port embedded in the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) header. All p

Well-Known Ports

Port range: 0 to 1,023
Ports are preassigned for use by common, or well-known, services. Often, the services that run on these ports must be started by a privileged user. Services in this range include Hypertext Transfer Protocol (HTTP) on TCP port 80, Int

Registered Ports

Port range: 1,024 to 49,151
These ports are registered by software makers for use by specific applications and services that are not as well-known as the services in the well-known range. Services in the registered port range include Socket Secure (SOCKS)

Dynamic or Private ports

Port range: 49,152 to 65,535
These ports are set aside for use by unregistered services needing a temporary connection.

Socket

An identifier for an application process on a TCP/IP network. It is the combination of the IP address (or host name) and port number. Standard interface between a Windows TCP/IP client application and the underlying TCP/IP protocol stack. The Berkeley soc

Host name

Unique name given to a node on a TCP/IP network. It enables users and technicians to recognize the node more easily

Domain

A grouping of devices on the Internet or on another network based on the nature of their operations. Communication between these systems as a unit and other networks on the Internet, instead of maintaining individual connections for each of its systems. Do

Domain Name

Unique name that identifies an entity on the Internet. Also known as site names, domain names appear as part of the complete address of a web resource. Which can have no more than 63 characters. Identifies a collection of devices on the network of a partic

FQDN- Fully Qualified Domain Name

Name resolution device maps the FQDN of the node to its IP address so that users can use names instead of IP addresses to communicate with other network nodes and the Internet. Written in standard dot-delimited notation, and a dot separates each section of t

DNS Domain Name Service

Is a TCP/IP name resolution service that translates FQDNs into IP addresses. System of hierarchical databases that are stored on separate DNS servers on all networks that connect to the Internet. DNS servers store, maintain and update databases, they res

DNS Components

DNS database is divided logically into a hierarchical grouping of domains. Physically into files called zones. Zone files contain the actual IP-to-host name mapping for one or more domains. Zone files are stored on the DNS server that is responsible for r

DNS Servers

*If you are configuring static IP addresses, include the IP address of the default DNS servers as you configure each client.
*If you are using DHCP, use the DHCP scope options to specify the IP addresses of the default DNS servers.

ANS- Authoritative Name Server

A DNS server that possesses an actual copy of the records for a zone, as opposed to just caching a lookup from another DNS server.

SOA- Start of Authority

Is the first DNS server to create the zone. Typically the primary DNS server, meaning that it holds the only writable copy of the zone.

Primary and Secondary DNS Servers

Is common to specify both a primary and a secondary DNS server to provide a more reliable name resolution process. When two DNS servers are listed in a client's TCP/IP settings, the client queries the primary server first.

Types of DNS Records
Record Type

Purpose

Address (A)

Maps a host name to its IP address by using a 32-bit IPv4 address

IPv6 Address (AAAA)

Maps a host name to its IP address by using a 128-bit IPv6 address

Canonical Name (CNAME)

Maps multiple canonical names (aliases) to an A record

Mail Exchanger (MX)

Maps a domain name to an email server list

Name Server (NS)

Assigns a DNS zone to access the given authoritative name servers.

Pointer (PTR)

Maps an IP address to the host name for the purpose of reverse lookup

Start of Authority (SOA)

Specifies authoritative information about a DNS zone

Service Locator (SRV)

Specifies a generic service location record for newer protocols.

DNS Hierarchy

DNS names are built in a hierarchical structure. Top-level domain name, then the first-level domain name, and so on, until the FQDN for an individual host is complete.

DNS Name Resolution Process

...

Step 1: Client request

The DNS request is passed to a DNS client service for resolution by using locally cached information on the client.

Step 2: Preferred DNS server

The DNS server, upon receiving the request, first checks if the requested name is in its DNS cache entries or its local DNS database, and returns the IP address to the client. If there is no match for the requested name, the DNS server sends the request t

Step 3: Root name server

Upon receiving the request, the root name server reads the top-level domain of that name and sends a message that contains the IP address of the server for that top-level domain. The root name server then sends a reply to the client's DNS server.

Step 4: Top-Level Domain server

The client's DNS server contains the IP address of the top-level domain of the requested name. The DNS server then contacts the top-level domain's DNS server to resolve the name. The top-level domain server reads the second-level domain of the requested na

Step 5: Other domain servers

If the top-level domain cannot resolve the name because of additional levels in the FQDN, it sends the IP address to the second-level DNS server

Step 6: Host name resolution

This communication between DNS servers continues until it reaches the level in the DNS hierarchy where a DNS server can resolve the host name.

Step 7: Host Address

The preferred DNS server provides the client with the IP address of the target host.

Recursive query

When the client requests that its preferred DNS server find data on other DNS servers. Starting with the client requesting a name to be resolved to an IP address of its preferred DNS server.

Iterative query

When the client requests only the information a server already has in its cache for a particular domain. If the receiving server cannot resolve the request, it notifies the client, but does not forward the request on to any other server.

HOSTS file

Is a plaintext file configured on a client device containing a list of IP addresses and their associated host names, separated by at least one space. HOSTS file provides an alternative method of host name resolution. A device will always consult its HOSTS f

NetBIOS

Is a simple, broadcast-based naming service. Name can be any combination of alphanumeric characters excluding spaces and the following characters /:*?;\|.
WINS is an implementation of the NetBIOS Name Service (NBNS).

Command and Utilities for IP Networks that might be useful

route
tracert in Windows, and traceroute in UNIX and Linux
pathping
mtr utility in UNIX and Linux

tracert command

Determines the route data takes to get to a particular destination. Node sends out messages with incrementally increasing TTL values. ICMP "Time Exceeded" messages are then sent back from the routers to the node running tracert. TTL value is reduced befor

ICMP- Internet Control Message Protocol

...

TTL

...

Network Firewall

If configured to not allow a tracert or ping through, you might not be able to trace the route all the way to the end; it might appear to end at the firewall. "Destination Unreachable" a router is not able to figure out how to get to the next destination

tracert options

Descriptions

-d

If you are having trouble resolving host names when using tracert, use -d option to prevent tracert from trying to resolve host names. Speeds up response time.

-h

The default number of hops tracert will attempt to reach is 30. Using the -h option, you can specify more or fewer hops for it to check

-j

You can use the -j option to force the outgoing Datagram to pass through a specific router.

-w

If many of your responses on the tracert are timing out, by using the -w option, you can increase the number of milliseconds to wait before continuing.

pathping

Command provides information about latency and packet loss on a network. Combines the functionality of the ping and tracert commands. ping, pathping sends multiple ICMP echo request messages to each router between two hosts over a period of time, and then

pathping options

Descriptions

#NAME?

Specify the maximum number of hops to locate a destination

#NAME?

Specify a source IP address

#NAME?

Specify that host name resolution can be skipped

-4 address

Specify the IPv4 addresses that are to be used

-6 address

Specify the IPv6 addresses that are to be used

My traceroute (MTR)

Utility combines ping and traceroute into a single function. MTR displays the routers traversed, the average time taken for round trip, and packet loss of each router.

GNU General Public License

Is responsible for licensing and distributing MTR

TCP/IP Protocol Stack

Is the collection of protocols that work together to provide communications on IP-based networks such as the Internet.

Sending data over a TCP/IP network requires 4 steps

1) The Application layer encodes the data being sent
2) The Transportation layer splits the data into manageable chunks and adds port number information
3) The Internet layer adds IP addresses stating where the data is from and where it is going
4) The Ne

Daemon

A background process that performs a specific operation. Daemon is a UNIX term, though daemons are supported on other operating systems.

File Transfer Protocol

Is a TCP/IP protocol that enables the transfer of files between a user's workstation and a remote host. May need to be installed on the client. FTP commands must be entered in lowercase and are available both as Windows command-line and UNIX commands. Wor

FTP session

ftp/IP address of remote host

#NAME?

Prevent remote server command responses being shown

#NAME?

Suppress auto-logon at initial connection

#NAME?

Disable interactive prompting when transferring multiple files.

#NAME?

Enables debugging, displaying all commands passed between the FTP client and server.

#NAME?

Disable wildcard character support

-s: [filename]

Run all the FTP commands contained in the [filename] file

#NAME?

Allow use of any local interface during data connection binding

-w: [windowsize]

Override the default transfer buffer size

TFTP trivial file transfer protocol

Is a simple version of FTP that uses UDP as the transport protocol, and does not require logon to the remote host. Does not support error correction but provides for higher data integrity. Use for bootstrapping and loading applications and not for file tr

GUI

...

NTP Network Time Protocol

Is an Internet protocol that synchronizes the clock times of devices in a network by exchanging time signals. Works on the Application Layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. Running continuously in the background on

SNMP Simple Network Management Protocol

An Internet protocol that enables administrators to monitor and manage network devices and traffic. Works at the Application Layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. Uses ports 161 and 162. Collect information from and se

SMTP Simple Mail Transfer Protocol

A communication protocol for formatting and sending email messages from a client to a server or between servers. Application layer (layer 7) of the OSI model and the Application layer of the TCP/IP model. Uses Port 25 and 587 for standard communication an

POP3 Post Office Protocol 3

Is a protocol used to retrieve email messages from a mailbox on a mail server. POP3 works at the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. POP3 uses port 110 for regular transmission and port 195 for encry

IMAP4 Internet Message Access Protocol version 4

Is a protocol used for retrieving messages from a mail server. IMAP4 works at the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model.

IMAP4 can

1) A user can check an email header and also look for a specific string of characters in the contents of a message before downloading it.
2) Messages can also remain on the server while the client works with them as if they were local.
3) users can search

HTTP Hypertext Transfer Protocol

Is a network protocol that works on the Application layer (Layer 7) of the OSI model and the Application Layer of the TCP/IP model to provide web services. Uses port 80. Data is encoded and decoded using XML.

SOAP

Is used to transport the data via open protocol

HTTPS HTTP Secure

A secure version of HTTP that provides a secure connection between a web browser and a server. Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. Uses a Secure Sockets Layer (SSL) security protocol to encrypt data.

Telnet Telecommunications Network

A terminal emulation protocol that enables users at one site to simulate a session on a remote host as if the terminal were directly attached. Translating keystrokes from the user's terminal into instructions that the remote host recognizes, and then carr

Telnet is defined in RFC 854, and uses the following defaults

1) Uses TCP Port 23; however, you can specify a different port if the host to which you are connecting is configured to use a different port.
2) Uses 25 lines in the buffer, but you can configure it for up to 399 lines
3) Uses VT100 as the default termina

Secure Shell SSH

A program that enables a user or an application to log on to another device over a network, execute commands, and manage files. SSH operates at the Application Layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. Port 22 and run

SSH1

Employs user keys to identify users; host keys to identify systems; session keys to encrypt communication in a single session; and server keys, which are temporary keys that protect the session key

SSH2

More secure; it does not use server keys; SSH2 includes a secure replacement for FTP called Secure File Transfer Protocol. All traffic (including passwords) is encrypted by SSH to eliminate connection hijacking, eavesdropping and other network-level attac

SMB Server Message Block

Is a protocol that works on the Application layer (Layer 7) of the OSI model and helps share resources such as files, printers, and serial ports among devices. SMB uses port 445 and runs on TCP.

RDP Remote Desktop Protocol

Proprietary protocol created by Microsoft for connecting to and managing devices that are not necessarily located at the same place as the administrator. It uses port 3389, runs on TCP, and works on the Application Layer (Layer 7) of the OSI model. Is a