TCP/IP Protocol Suite
The internet Protocol – (IP)
This serves to assign the correct destination address to a data packet. IP uses subnet mask to determine the if the receiving node is on the same subnet or a remote network and delivers the packet.
The address Resolution Protocol (ARP)
Address resolution protocol supports the internet protocol by resolving IP addresses to the MASC address.
Reverse Address Resolution Protocol (RARP)
RARP is a protocol that allows a node on a local area network to discover its IP address from a routers ARP table or cache.
The Internet Control Message Protocol (ICMP)
The internet control message protocol is a service added to the IP protocol that attempts to report on the condition of the connection, ICMP messages notify a sender of network conditions by reporting IP errors.
The Internet Management Protocol (IGMP)
IGMP supports multicasting in a routed environment. The router uses the IMGP to poll its interfaces for members of the multicast group and the forwards the multicast transmission to the group members.
PORTS
All ports are assigned a number in a range from 0 – 65535. The IANA separates the port numbers into three blocks:
1. Well known ports, which are assigned by system process by IANA
2. Registered ports, which are available to user processes and are listed as a convenience by IANA
3. Dynamic ports, this are assigned by a client operating system as needed when there is a request for service.
Port Ranges, well know/used ports:
• 21 – ftp (file transfer protocol) used for download
• 23 – Telnet, remote login protocol
• 25 – SMTP (simple mail transfer protocol) used for sending mail
• 53 – dns (domain name service) changes the IP address into a user-friendly name
• 80 – http (hypertext transfer protocol) internet access
• 110 – pop3 (post office protocol number 3)
• 143 – impa (internet message access protocol)
• 161 – snmp (simple network management protocol)
• 443 – https (secure http)
UDP ports:
• 7 – echo (PING)
• 123 – ntp (network time protocol)
Sockets
A socket is a piece of software within an operating system that connects an application with a network protocol.
IP Address Assignment Methods
Static and Dynamic addressing – IP addresses can either be assigned manually to make them static to a node on the network or it can be assigned dynamically by the DHCP service.
DHCP – Dynamic Host Configuration Protocol
DHCP is a network service that provides automatic assignment of IP addresses and other TCP/IP configuration information in the network nodes that are configured as DHCP clients.
DHCP Lease process
APIPA – Automatic Private IP Addressing
APIPA is a service that enables a DHCP client computer to configure itself automatically with an IP Address in the range of 169.254.0.1 to 169.254.255.254 if no DHCP servers respond to the clients DHCP discover broadcast.
The Ping utility:
You can ping a computer to confirm its connectivity to a network.
Ping options are as follows:
You can ping by IP address
You can ping the loopback address (127.0.0.1) to test whether TCP/IP has initialised on an individual system. If the computer has a default gateway, you can ping the remote system.
Some of the options include setting up the packet size, changing the time to live (TTL) value and specify how many times to ping the host.
Ping Blocking
As a security measure, some public internet hosts and internet routers might be configured to block incoming packets that are generated by that ping command.
IP Configuration Utilities.
Winipcfg – Windows 98, 95, ME
Ipconfig – Server 2008, 2003 and windows 2000 as well as XP Vista and NT
Ifconfig – Linux and UNIX
Dhclient – Linux and UNIX (the dhclient utility allows you to configure and manage dhcp settings the network interfaces on a computer.
Ipconfig Commands for DHCP: (for enabling dynamic address lease management)
Ipconfig/release – forces the release of the IP address of a network connection
Ipconfig/renew – request the renewal of the lease.
If the DHCP is non-responsive, the server will revert to the APIPA.
DNS – Domain Name System
The DNS is a TCP/IP name resolution service that translates FQDN’s into IP addresses. It consists of a system of databases that are stored on separate DNS servers on all networks that are connected to the Internet. All servers work together to resolve the FQDN’s (Fully Qualified Doman Name). On internal networks a local DNS service can resolve host names without using the external DNS servers.
The HOSTS file
A HOSTS file is a plain text file configured on a client machine containing a list of IP addresses and their associated host names.
The HOSTS file provides an alternative method of host name resolution. An external client can use a HOSTS file to resolve names on your internal network without needing to access to your internal DNS server.
NetBIOS Names
NEtBIOS names are computer names that take a 16-byte common name format developed by IBM and Microsoft to identify the network devices. Fifteen bytes represent characters in the name; the hidden 16th byte is a code to denote the type of service provided by the device. NetBIOS names must be unique on the network.
NetBIOS Name Resolution Methods:
• NetBIOS broadcast name resolution – for data delivery, NetBIOS names must be resolved to the MAC addresses.
• WINS – WINS is Microsoft’s NetBIOS name server which was developed to reduce the number of NetBIOS name resolution broadcasts.
• The LMHOSTS File – an LMHOSTS file is a text file that contains NetBIOS name-to-IP Address mappings, each on a separate line. The IP address is listed first, then a space, and then the associated NetBIOS name.
