| TCP/IP |
| Course notes: MCSE |
 |
| Menu Contents: |
 |
| Introduction to TCP/IP |
|
| TCP/IP Architecture |
|
| Internet Addressing |
|
| Subnetting TCP/IP networks |
|
| Internet Routing |
|
| Dynamic Host Configuration Protocol |
|
| NetBIOS Host Name Addressing |
|
| Windows Internet Name Service |
|
| TCP/IP Host Names & Browsing Networks |
|
| Domains Name Service |
|
| TCP/IP Services & Tools |
|
| Simple Network Management Protocol |
|
| Troubleshooting |
|
| CCNA - Cisco Exam Notes (in 4 parts). |
|
| Introduction: |
| Course notes taken by Craig Ellis CCNA+MCP |
| TCP/IP stands for Transmission Control Protocol/ Internet Protocol. |
| Each Layer of the TCP/IP protocol stack is modular, which means that it only communicates with the layer above or below it. |
| TCP/IP can provide over 4.2 million addresses, each host identified by its own unique 32 bit address. |
| The maximum number of addresses assigned to a network card is 5. |
| Domain Name Service (DNS) was created so that instead of having to type the IP addresses of a company?s web page, you can access that site by a user-friendly name. |
| Dynamic Host Configuration Protocol (DHCP) service provides PC?s with automatic configuration of the 3 necessary TCP/IP parameters. IP addresses, subnet-mask, and default gateway. |
| Windows Internet Name Service provides a NetBIOS computer name to IP address mapping in a database on a server. |
| DNS provides a database and search algorithm for resolving the host name into an IP address. |
| SNMP tracks specific TCP/IP events, using a database called a Management Information Database (MIB), |
| The Internet Proxy server is a firewall and web cache server that installs on the Windows NT server platform. |
 |
|
| TCP/IP Architecture: |
| The Open System Interconnect (OSI) model consists of 7 layers: |
| Layer 7 Application (e-mail, Accessing remote files, printers & databases) |
| Layer 6 Presentation (Protocol conversion, Data Translation) |
| Layer 5 Session (Establishes communication connection, Transmit length, time) |
| Layer 4 Transport (Error handling, Flow control ? Buffer availability) |
| Layer 3 Network (Route taken, addressing messages) |
| Layer 2 Data-Link (Frame transmission, acknowledgement) |
| Layer 1 Physical (Cabling types, Network Interface Cards) |
| The TCP/IP (Department Of Defence) protocol stack has 4 layers: |
| Layer 4 Application, supporting NetBIOS and Windows Sockets Interface. (FTP, HTTP, NFS) |
| Layer 3 Transport, running 2 protocols (TCP) and (UDP) |
| Layer 2 Internet, running 2 protocols (IP) and (ICMP) |
| Layer 1 Network Interface running (ARP) and (NDIS) |
| TCP provides a reliable connection based delivery service. |
| UDP offers a connectionless datagram service that is an unreliable ?best effort? delivery. |
| IP provides a packet delivery for all other protocols within the suite. |
| ICMP allows systems on a TCP/IP network to share status and error information. |
| ARP is used to provide IP address to physical address resolution for IP packets. |
| NDIS allows multiple network adapters and protocols to co-exist on the same PC. |
|
|
| Internet Addressing: |
| An IP address uniquely identifies a system located on your network. |
| The network ID is the portion of the 32-bit IP address that identifies what network a particular system is on. |
| The host ID is the portion of the 32-bit IP address that identifies any device that has an IP address on your network. |
| The subnet mask is a 32-bit address that distinguishes the network ID portion of the IP address from the host ID. |
| Subnet mask for default Class A = 255.0.0.0 Class B = 255.255.0.0 Class C = 255.255.255.0 |
| There are 5 class addresses used in TCP/IP ? Class A to E. |
| Class A = 0.1.0.0 to 126.0.0.0 |
| Class B = 128.0.0.0 to 191.0.0.0 |
| Class C = 192.0.0.0 to 223.0.0.0 |
| Microsoft supports only A, B and C addresses. Class D is for multicasting and E is experimental. |
| ARP (Address Resolution Protocol) dynamically binds a IP address to a physical hardware address. |
| It is possible to use HOSTS and LMHOSTS files to provide mappings for names to IP addresses where |
| WINS and DNS are not used. |
| A gateway can be used to connect 2 LANs that use different transport protocols or data forms. |
| It also can be used as a path for packets of data to be forwarded when there is no matching entry in the route table. |
| When a computer is configured with more than 1 IP address it is known as a multi-homes system. |
| IPCONFIG command is useful to show the IP address, subnet mask, and default gateway settings. |
| PING command helps confirm connectivity. Use this command to send (ICMP) echo requests to a host name or IP address. |
|
|
| Subnetting TCP/IP networks |
| Subnet works by having small networks, so that congestion is not an issue. |
| You can determine which bits are used for network and hosts addresses by masking. |
| A subnet mask denotes one portion of the IP address as a network, the other as the host address. |
| Always use the AND process to determine if hosts your comparing are on the same network. |
| IP addresses used on the Internet are controlled by your local ISP (Internet Service Provider). |
| An octet means its made up of 8 bits, which are each a 0 or 1. Having 4 octets means that an IP address is made up of 32 bits. |
| When using bit borrowing from an octet, they have to be in a continuous block. |
| When defining a subnet mask: |
| Work out the number of segments on your network |
| Count the number of bits needed to represent the number of segments needed, |
| Push this number of bits to the high-order end of the octet and pad the remaining bits with 0?s. |
| To determine subnet ranges, use the shortcut formula of 2 to the power of X-2. |
| Subnet Table |
| Subnet Address Bits |
| Address Block |
| Mask Ends with: |
| Subnets |
| Class C Host |
| Class B Host |
| Class A Host |
| 2 |
| 64 |
| 192 |
| 2 |
| 62 |
| 16382 |
| 4194302 |
| 3 |
| 32 |
| 224 |
| 6 |
| 30 |
| 8190 |
| 2097150 |
| 4 |
| 16 |
| 240 |
| 14 |
| 14 |
| 4094 |
| 1048574 |
| 5 |
| 8 |
| 248 |
| 30 |
| 6 |
| 2046 |
| 524286 |
| 6 |
| 4 |
| 252 |
| 62 |
| 2 |
| 1022 |
| 262142 |
| 7 |
| 2 |
| 254 |
| 126 |
| - |
| 510 |
| 131070 |
| 8 |
| 1 |
| 255 |
| 254 |
| - |
| 254 |
| 65534 |
| � |
|
|
| Internet Routing |
| A gateway provides router and protocol translation. |
| Routers and gateways forward packets, called datagrams around networks. |
| A bridge provides selective connection between LAN?s where only packets defined for the other side cross over. |
| Any Windows NT machine with multiple network interface cards can be configured as a router. |
| Gateways are routers that can also translate the packet format between topologies, i.e. token ring NIC and Ethernet NIC would require packet translation to the different formats. |
| Enable IP forwarding is the term used to enable routing in NT TCP/IP |
| Each independent router port has a routing table. |
| ROUTE command is used to add, modify, delete and display route information for one or all interfaces. |
| TRACERT command utility is used to trace a route from origin to destination |
|
|
| Dynamic Host Configuration Protocol |
| There are 2 methods of assigning an IP address to a clients computer, Dynamic and Manual addressing. |
| Manual entry is time consuming and is prone to human error. |
| DHCP server provides the DHCP client with the IP address, subnet mask and usually a default gateway. |
| DHCP scope is a managerial arrangement that identifies the configuration parameters for all of the DHCP clients on a physical subnet. |
| During initialisation a DHCP client boots with a null IP address since it does not have an assigned IP address. |
| Then the DHCP client broadcasts a DHCPDiscover message to its local hosts. |
| Any DHCP server that receives the DHCPDiscover message and has a valid configuration for the DHCP client will answer with a DHCPOFFER message. |
| The DHCP client sends a DHCPREQUEST message to the DHCP server accepting the offered IP address. |
| The DHCP server responds to the DHCPREQUEST message with a DHCPACK message that contains a lease for the IP address also configuration parameters. |
| BOOTP is used to boot and configure diskless workstations across the network. |
| DHCP message is an extension of the BOOTP message, routers acting as an RFC1542 relay agent can be used to transmit DHCP messages between multiple subnets. |
| A DHCP client is unable to use an IP address after the lease has expired. |
| When assigning SCOPES make sure they don't overlap when implementing multiple DHCP servers. |
| A reservation is an IP address that is reserved for a specific DHCP client. |
| Client options override scope options, which override global options in the DHCP manager. |
| DHCP data like active IP and excluded addresses are stored by the DHCP server in a database. |
| The DHCP database is backed up to the %systemroot%\system32\dhcp\backup\jet folder every 60 mins. |
| JETPACK is the utility that compacts the DHCP database. |
|
|
| NetBIOS Host Name Addressing |
| � |
| NetBIOS is an interface that software can use called an Application Programming Interface. |
| NetBIOS is only an API that programmers use to connect 2 computers using names i.e. CPU1 or MYCOMPUTER. |
| NetBIOS operates at the session & transport levels for the OSI model. |
| TCP is a connection-oriented service that guarantees proper data delivery. |
| UDP is a connectionless service that does not guarantee proper data delivery. |
| There are 3 TCP/IP port numbers supporting NetBIOS functionality: |
| Port 137 supports NetBIOS name service |
| Port 138 supports NetBIOS datagram service |
| Port 139 supports NetBIOS session service |
| NetBIOS names are 16 bytes, they consist of 15 bytes followed by a 1-byte control character in HEX. |
| The 3 NetBIOS functional processes are: |
| a. Name Registration |
| b. Name Discovery |
| c. Name Release |
| NBTSTAT is the most useful utility related to NetBIOS over TCP/IP. |
| NetBIOS Name Resolution Order:Local Name Cache Wins Server B-Node Broadcast LMHOSTS file HOSTS file DNS Server |
|
|
| Windows Internet Name Service |
| � |
| A WINS server: |
| Eliminates the need for many network broadcasts and reduces network traffic. |
| a. A Windows NT server on a TCP/IP network. |
| b. Maintains a database of mappings for IP addresses to NetBIOS names. |
| A WINS Client is the PC that requests a NetBIOS mapping. |
| The LMHOSTS file contains mappings of IP addresses to NetBIOS names, and is a static file. |
| WINS provides a distributed database for registering and querying dynamic NetBIOS names to IP address mappings in a routed network environment. |
| WINS provides Point to Point name resolution - A PC requests an IP address mapping directly from the WINS server. |
| For WINS to work there must be at least 1 WINS server. 2 would be better for load sharing. |
| A WINS proxy agent or server extends the name resolution of WINS to non-WINS clients, such as UNIX. |
| WINS proxies don't register names, they listen for name resolution broadcasts from non-WINS clients. These broadcasts will not cross a router. |
| When multiple WINS servers are used sharing of database information is used between servers to keep information up-to-date this is called Replication. |
| A PULL partner is a WINS server that pulls in replication of database entries from its partner by requesting and then accepting the replications. |
| A PUSH partner is a WINS server that sends update notification messages to its partner when its database has changed. |
| The 4 WINS database files are stored in the \systemroot\system32\wins directory. |
| Windows NT server includes a utility called jetpack, which can be used to compact a WINS database. |
|
|
| TCP/IP Host Names & Browsing the Network |
| When connecting to a computer by its host name, the host name must be resolved to an IP address by: |
| a. Domain Name System (DNS)The HOSTS file - a text file on the local computer that has entries for host names and IP addresses. |
| When connecting your network to the internet you must register your domain name with the InterNIC. |
| Ping is a simple utility that uses the ICMP to send an echo request to an IP address. |
| TELNET is used to establish remote command sessions on PC's, routers, print server's etc. |
| FTP is a TCP/IP utility that copies files from 1 computer to another. |
| When adding hosts to the HOSTS file, it's necessary to use the fully qualified domain name of any host in a different DNS domain. |
| Browsing enables a user to search through the NT domains and severs to find files or printers. |
| There are 3 types of browsers: |
| a. Domain master browsers |
| b. Master browsers |
| c. Backup browsers |
| A potential browser is a computer that can become a master or backup browser. |
| A master browser is responsible for collecting information about the servers in its workgroup or the servers in its domain that are on the same subnet. |
| A domain master browser receives lists of resources from each master browser in the internetwork, compiling a list of all resources available on the internetwork. |
| A backup browser receives the resource list from the master browser and fulfils browse requests from the clients in its domain/workgroup. |
| A browser election is a process to determine which computer will be the master browser. |
|
|
| Domain Name Service |
| Every network interface card or connection has a unique 48-bit numeric ID called a Media Access Control (MAC) address, displayed in HEX. |
| To access another host, you need to know its IP address or host name. |
| NIS provides a centrally managed file distribution system for mainly UNIX based hosts. |
| A DNS record consists of a name, record type and an IP address. |
| The fully qualified domain name is the name of the host suffixed by a period, followed by the domain name. |
| DNS is not a dynamic service like WINS and DHCP. |
| The root servers provide addresses to the domain servers associated with that root. |
| A secondary DNS server is a backup server with a copy of the zone information from the master server. |
| The first database needed is the primary zone for your domain. |
| The primary zone requires a reverse address zone to store reverse order records, called PTR records. |
| The DNS manager utility can manager a local or remote server. |
| Use the DNS manager utility to add records to either a primary or a secondary zone. |
| The DNS manager can connect to other DNS servers and act as a backup server. This is known as a secondary zone within DNS. |
| Host name resolution order: |
| Local host name |
| HOSTS file |
| DNS Servers |
| WINS (NetBIOS) |
| B-Node Broadcast |
| LMHOSTS file |
| � |
|
|
| TCP/IP Services & Tools |
| The most common uses of UNIX connectivity are for FTP and WWW services. |
| LPD (Line Printer Daemon) printing service allows printing from operating systems that would normally not be able to print to Windows NT services. |
| RAS common connections are PPP (Point to Point Protocol) or SLIP (Serial Line Internet Protocol) |
| PPP is a cross-platform protocol that can be used to connect to both NT and UNIX systems. |
| RAS connections must have TCP/IP connections. |
| RAS clients can use statically assigned IP addresses, dynamically assigned IP addresses or both. |
| Network monitor is used to track network usage. |
| A MAC address is assigned to a NIC by the hardware manufacturer. |
| The only type of DNS message is a request from a client. |
|
|
| Simple Network Management Protocol |
| � |
| SNMP provides a simple method for remotely managing virtually any network device. |
| SNMP allows large networks to be brought under control from a central location. |
| SNMP requires a SNMP management system and a SNMP agent to function. |
| An SNMP agent responds to GET, GET NEXT and SET commands issued by a management system. |
| TRAP is issued only by SNMP agents. |
| You can not perform performance Monitor monitoring of TCP/IP without first installing the SNMP service. |
| Management Information Bases (MIB) define a hierarchical structure of manageable objects, which define what may be monitored and configured on a network device with a management system. |
| Internet MIB II provides a standard set of objects essential to fault tolerance and management in an internet environment. |
| The SNMP service is installed manually. |
| The SNMPUTIL.EXE utility allows the SNMP service to be verified so that it can communicate with management systems correctly. |
|
|
| Troubleshooting |
| � |
| A network TCP/IP problem occurs when data is not being passed between networks. |
| A subnet TCP/IP problem occurs when data is not being passed between hosts on the same subnet. |
| A host TCP/IP problem occurs when a host computer is configured incorrectly, other users can not communicate with it. |
| A service TCP/IP problem occurs when a service i.e. TELNET, FTP or DNS is not functioning correctly. |
| PING is used to test connectivity and verify that a TCP/IP address is reachable. |
| Use PING when troubleshooting in successive order :Loopback address Local Host Default gateway Far side of the router Remote host. |
| ARP utility is used to view and amend IP address to MAC address translation tables. |
| NETSTAT utility is used for protocol statistics and active connections using TCP/IP. |
| NBTSTAT utility is used for protocol statistics and active NBT connections describe NetBIOS over TCP/IP. |
| IPCONFIG utility relates the entire TCP/IP configuration present on you PC. |
| TRACERT utility is used to locate failures along a TCP/IP communications path. |
| ROUTE utility is used to configure network routing tables. |
| NSLOOKUP is used to examine information from DNS servers. |
| HOSTNAME displays the IP host name of the local machine. |
| NET START, NET STOP Starts or stops a network service. |
| Event viewer and Network monitor are tools that analyse and identify TCP/IP connectivity issues. |
 |
|
 |
| View Page Stats See who's visiting my page. |
|
|
| Please see authors note in the CCNA sextion regarding a small donation for helpful information. |