Introduction to TCP/IP
Properties and characteristics of TCP/IP:
- IPv4 / IPv6
- Public vs private vs APIPA/link-local
- Static vs dynamic
- Client-side DNS settings
- Client-side DHCP
- Subnet mask vs CIDR
- Gateway
TCP/IP Protocol
Definitions
IP address: a unique identifier for a computer on a network.
IP (Internet Protocol) addresses come in 5 different classes. 3 classes (A, B and C) are used to identify workstations, routers, switches and other devices; the last 2 classes (D and E) are reserved for special use.

IPv4 vs. IPv6
IPv4 addresses are 32 bits long, written in decimal and separated by periods: 192.168.0.1
IPv6 addresses are 128 bits long, written in hexadecimal and separated by colons: 3ffe:1900:4545:3:200:f8ff:fe21:67cf
Public IP address
A public IP address is an IP address that can be accessed over the Internet. Like the postal address used to deliver mail to your home, a public IP address is the globally unique IP address assigned to a computing device.

Private IP address
Private addresses are not routable over the Internet. Network computers that are linked to a router and share the same public IP address use private IPs. Typical ranges are 192.168.0.x, 192.168.1.x, 10.0.0.x, etc.
Public Class A, B, C IP addresses
Public class IP addresses are addresses that can be routed across the Internet. Listed below are the class A, B and C addresses available to the public.

Class    First octet   Starting IP   Ending IP         Default subnet mask
Class A  1-127         0.0.0.0       127.255.255.255   255.0.0.0
Class B  128-191       128.0.0.0     191.255.255.255   255.255.0.0
Class C  192-223       192.0.0.0     223.255.255.255   255.255.255.0

Private Class A, B, C IP addresses
Private class addresses are IP addresses that are not routable across the Internet. These addresses are used behind routers or NAT boxes within private LANs. Typical addresses for home routers are 192.168.x.x, but they can be any of the addresses listed below.

Class    IP range
Class A  10.0.0.0 - 10.255.255.255
Class B  172.16.0.0 - 172.31.255.255
Class C  192.168.0.0 - 192.168.255.255
Command-line tools for networking
NET       Various options for displaying and using network resources
PING      Checks network and Internet connectivity
TRACERT   Traces the route to a specified IP address or URL
IPCONFIG  Displays the system's IP address and other information
NSLOOKUP  Displays detailed information about DNS
NETSTAT   Displays current TCP/IP network connections and protocol statistics
IP configuration
There are two main ways to configure your IP address:
- Manual configuration, where you specify all your network information: static network configuration.
- Automatic configuration, where a device or server assigns all network information: dynamic network configuration through DHCP.
The main settings of concern for a simple LAN are the IP address, the DNS configuration and the gateway configuration.

Subnet masking
A subnet mask is used to distinguish between the network portion of an IP address and the host portion; it is the mask used to determine which subnet an IP address belongs to. An IP address has two components, the network address and the host address.
Take the IP address 150.215.017.009 and assume it is part of a Class B network. The first two numbers (150.215) represent the Class B network address, the network portion of the address. The second two numbers (017.009) identify a particular host (computer) on this network.
Using the common 192.168.0.1 address with a subnet mask of 255.255.255.0, we know this is a class C address. Therefore 192.168.0 represents the network portion of the address and the 1 represents the host on the network.
DNS (Domain Name System)
The Domain Name System (DNS) is the name for the network of servers on the Internet that translate domain names. If we use www.google.com, DNS checks its database for the name and converts it into the matching IP address(es). If you manually configure an IP address, you usually provide the IP addresses of one or more DNS servers as part of the configuration process.
A domain name has three major sections, read from the end of the name to the start:
- The top-level domain (.com, .org, .net, and so on).
- The name of the site.
- The server type: www indicates a web server, ftp an FTP server, mail a mail server, and search a search server.
So www.google.com is resolved as com, then google, then www. Resolving the www.google.com name to an IP number can also be done with NSLOOKUP; Google actually resolves to many IP addresses.
Network protocols
DHCP: The Dynamic Host Configuration Protocol is used to automatically assign IP addresses to hosts (printers, routers, computers, and so on). It assigns the IP address, subnet mask, gateway and DNS servers. DHCP runs with a lease time, which sets the length of time the IP address will be valid for; when the lease time has finished the information is renewed and may change. In most SOHO networks the router uses DHCP to assign IP information to the client computers. Your ISP will also use DHCP to assign an IP address to you; typically your router gets this information. You may wish to pay for a permanent, non-changing IP address.
LDAP: The Lightweight Directory Access Protocol is used to access and maintain distributed directories of information (directory services), such as the kind involved with Microsoft domains. It can be compared to an address book of sorts, listing various bits of information on computers, users, locations, etc.
SNMP: The Simple Network Management Protocol (SNMP) is used as the standard for managing and monitoring devices on your network. It manages routers, switches and computers and is often incorporated in software known as a network management system (NMS).
SMB: The Server Message Block (SMB) protocol provides access to shared items such as files and printers.
SSH: Secure Shell (SSH) allows data to be exchanged between computers over a secured channel. This protocol offers a more secure replacement for FTP and Telnet. The Secure Shell server housing the data you want to access would have port 22 open.
SFTP: Secure FTP (SFTP) provides file access over a reliable data stream that is generated and protected by SSH.
APIPA / link-local
What is a link-local address? In a computer network, a link-local address is a network address that is valid only for communications within the network segment (link) or the broadcast domain that the host is connected to. Link-local addresses are not guaranteed to be unique beyond a single network segment.
APIPA (Automatic Private IP Addressing) is the Windows function that provides DHCP auto-configuration addressing. APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client when a DHCP server is either permanently or temporarily unavailable. In IPv6, link-local addresses are assigned with the prefix fe80::.
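As an added example (not from the original slides), the address classification described above, in Python: the class is read from the first octet as in the class table, and the scope tells you whether the address is public, in one of the private blocks, APIPA or loopback. A client sitting on a 169.254.x.x address is the usual sign that it never received a DHCP lease. The range boundaries are the ones listed in the tables above; the function names are my own.

```python
import ipaddress

# Constructed lookup tables for the ranges listed in the slides above
# (the private class A/B/C blocks and the APIPA/link-local block).
PRIVATE_BLOCKS = [
    ipaddress.ip_network("10.0.0.0/8"),      # private class A
    ipaddress.ip_network("172.16.0.0/12"),   # private class B
    ipaddress.ip_network("192.168.0.0/16"),  # private class C
]
APIPA_BLOCK = ipaddress.ip_network("169.254.0.0/16")  # DHCP auto-configuration
LOOPBACK_BLOCK = ipaddress.ip_network("127.0.0.0/8")  # top of class A, not a host range


def address_class(addr: str) -> str:
    """Classful class A-E, decided by the first octet as in the class table."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"  # reserved for special use (multicast)
    return "E"      # reserved for special use


def address_scope(addr: str) -> str:
    """One of: apipa, loopback, private, public."""
    ip = ipaddress.IPv4Address(addr)
    if ip in APIPA_BLOCK:
        return "apipa"
    if ip in LOOPBACK_BLOCK:
        return "loopback"
    if any(ip in block for block in PRIVATE_BLOCKS):
        return "private"
    return "public"


def describe(addr: str) -> str:
    """Human-readable summary, e.g. '169.254.10.20: class B, apipa'."""
    return f"{addr}: class {address_class(addr)}, {address_scope(addr)}"


if __name__ == "__main__":
    # Constructed sample addresses (203.0.113.7 is a documentation address).
    for sample in ("192.168.0.1", "10.0.0.5", "172.31.255.254",
                   "169.254.10.20", "203.0.113.7", "224.0.0.1"):
        print(describe(sample))
```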
Client-side
Client-side refers to operations that are performed by the client in a client/server relationship in a computer network. Typically, a client is a computer application, such as a web browser, that runs on a user's local computer or workstation and connects to a server as necessary.

Client-side DNS settings / Client-side DHCP
Where do you manually enter DNS information?
Subnet mask vs CIDR
Classless Inter-Domain Routing (CIDR) is a set of Internet Protocol (IP) standards that is used to create unique identifiers for networks and individual devices. The IP addresses allow particular information packets to be sent to specific computers. CIDR notation is a compact representation of an IP address and its associated routing prefix. The notation is constructed from an IP address, a slash ('/') character and a decimal number. The number is the count of leading 1 bits in the routing mask, traditionally called the network mask.
https://www.digitalocean.com/community/tutorials/understanding-ipaddresses-subnets-and-cidr-notation-for-networking
http://software77.net/cidr-101.html

Subnet mask
An IP address consists of both a network number and a host number (i.e., the number of a host on the given network). The subnet mask tells you which portion is the network, which requires an understanding of the binary representation of the decimal values. The remainder of the IP address is the host number.
A subnetwork, or subnet, is a logical, visible subdivision of an IP network. The practice of dividing a network into two or more networks is called subnetting. Computers that belong to a subnet are addressed with a common, identical most-significant bit group in their IP address. It is called a subnet mask because it is used to identify the network address of an IP address by performing a bitwise AND operation with the netmask. A subnet mask is a 32-bit number that masks an IP address and divides it into a network address and a host address.
Each segment (octet) is 8 bits; the four octets of 192.168.0.1 start at bit positions 32, 24, 16 and 8:

  192 . 168 .  0  .  1
   32    24    16     8
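An added example, not part of the original slides, that carries out the subnet-mask arithmetic described here and in the CIDR and IP-configuration sections: converting between a dotted-decimal mask and a /prefix (the count of leading 1 bits), and splitting an address into its network and host parts with a bitwise AND. It also checks whether two hosts share a subnet, which is what decides whether traffic is delivered directly or sent to the gateway. Function names are assumed; the sample addresses are the ones used in the slides.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF  # 32 set bits


def mask_to_prefix(mask: str) -> int:
    """Count the leading 1 bits of a dotted-decimal mask: 255.255.255.0 -> 24.
    Rejects non-contiguous masks such as 255.0.255.0, which are not valid."""
    bits = int(ipaddress.IPv4Address(mask))
    prefix = 0
    while prefix < 32 and bits & (1 << (31 - prefix)):
        prefix += 1
    if bits != (ALL_ONES << (32 - prefix)) & ALL_ONES:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def prefix_to_mask(prefix: int) -> str:
    """CIDR prefix length back to dotted decimal: 16 -> 255.255.0.0."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    return str(ipaddress.IPv4Address((ALL_ONES << (32 - prefix)) & ALL_ONES))


def split_address(addr: str, mask: str) -> dict:
    """AND with the mask keeps the network bits; AND with the inverted mask
    keeps the host bits, exactly as the slides describe."""
    ip = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    prefix = mask_to_prefix(mask)
    network = ip & m
    host_part = ip & (~m & ALL_ONES)
    broadcast = network | (~m & ALL_ONES)
    return {
        "cidr": f"{ipaddress.IPv4Address(network)}/{prefix}",
        "network": str(ipaddress.IPv4Address(network)),
        "host": host_part,  # host number as an integer
        "broadcast": str(ipaddress.IPv4Address(broadcast)),
        "usable_hosts": max(2 ** (32 - prefix) - 2, 0),  # minus network and broadcast
    }


def same_subnet(a: str, b: str, mask: str) -> bool:
    """True when both hosts land on the same network after masking, i.e. they
    can talk directly; otherwise traffic has to go through the gateway."""
    return split_address(a, mask)["network"] == split_address(b, mask)["network"]


if __name__ == "__main__":
    print(split_address("192.168.0.1", "255.255.255.0"))
    print(split_address("150.215.17.9", prefix_to_mask(16)))
    print(same_subnet("192.168.0.1", "192.168.1.5", "255.255.255.0"))
```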
Gateway
A gateway is a node (router) in a computer network, a key stopping point for data on its way to or from other networks. Thanks to gateways, we are able to communicate and send data back and forth. On the Internet, the node that's a stopping point can be a gateway or a host node.
Static and dynamic IPs
Difference between static and dynamic IPs: when a device is assigned a static IP address, the address does not change. Most devices use dynamic IP addresses, which are assigned by the network when they connect and change over time.

Common TCP and UDP ports and protocols
21            FTP
22            SSH
23            TELNET
25            SMTP
53            DNS
80            HTTP
110           POP3
143           IMAP
443           HTTPS
3389          RDP
137-139, 445  SMB
548 or 427    AFP

Protocols: DHCP, DNS, LDAP, SNMP, SMB, CIFS, SSH, AFP; TCP vs UDP
TCP and UDP Ports, Protocols, and Uses
DHCP
Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information, such as the subnet mask and default gateway.
Ports: UDP 67 and 68

DNS
The Domain Name System (DNS) is a hierarchical, decentralized naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with the domain names assigned to each of the participating entities.
Ports: UDP 53; TCP port 53 is used if UDP port 53 is not accepted

LDAP
LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet.
Ports: TCP and UDP 389, or 636 for LDAPS. The Global Catalog is available by default on port 3268, and 3269 for LDAPS

SNMP
Simple Network Management Protocol (SNMP) is a popular protocol for network management. It is used for collecting information from, and configuring, network devices such as servers, printers, hubs, switches and routers on an Internet Protocol (IP) network.
Port: 161

SMB
The Server Message Block (SMB) Protocol is a network file sharing protocol, and as implemented in Microsoft Windows is known as the Microsoft SMB Protocol. The set of message packets that defines a particular version of the protocol is called a dialect. The Common Internet File System (CIFS) Protocol is a dialect of SMB.
Port: TCP 139

CIFS
The Common Internet File System (CIFS) is the standard way that computer users share files across corporate intranets and the Internet. An enhanced version of the Microsoft open, cross-platform Server Message Block (SMB) protocol, CIFS is a native file-sharing protocol in Windows 2000.
Ports: UDP 137 and 138, and TCP 139 and 445

SSH
SSH, also known as Secure Socket Shell, is a network protocol that provides administrators with a secure way to access a remote computer. SSH also refers to the suite of utilities that implement the protocol. Secure Shell provides strong authentication and secure, encrypted data communications between two computers connecting over an insecure network such as the Internet. SSH is widely used by network administrators for managing systems and applications remotely, allowing them to log in to another computer over a network, execute commands and move files from one computer to another.
Port: 22

AFP
The Apple Filing Protocol (AFP), formerly AppleTalk Filing Protocol, is a proprietary network protocol, and part of the Apple File Service (AFS), that offers file services for macOS and the classic Mac OS.
Port: 548 or 427

POP3
Post Office Protocol version 3 (POP3) is a standard mail protocol used to receive emails from a remote server to a local email client. POP3 allows you to download email messages to your local computer and read them even when you are offline.
Ports: POP uses port 110, but SSL/TLS-encrypted POP uses port 995

IMAP
The Internet Message Access Protocol (commonly known as IMAP) is an Application Layer Internet protocol that allows an e-mail client to access e-mail on a remote mail server.
Ports: IMAP uses port 143, but SSL/TLS-encrypted IMAP uses port 993

SMTP
Simple Mail Transfer Protocol is an Internet standard for electronic mail transmission.
Ports: SMTP uses port 25, but SSL/TLS-encrypted SMTP uses port 465
TCP vs UDP
OSI Layers Open Systems Interconnection layers
OSI Layers
Application Layer
Provides network services like file, print and messaging. Should not be confused with actual applications. Typical applications used: email, newsgroup reader, web browser, FTP client.
Presentation Layer
This is where the data created by the programs above is "encoded" or translated, ready to be sent over the network. The following are used to "present" the data to the next layer: HTTP, FTP, POP/SMTP, Telnet.
Session Layer
This is the layer that actually does the talking between the protocol that runs on the server (often as a program) and the protocol that runs on the network hardware (like a hub or switch). A session is created over a virtual "port", which is the "location" where the Layer 6 protocol talks to the Layer 4 protocol (very confusing). E.g. port 80 is used for web, port 21 is used for FTP.
Transport Layer
The Transport Layer makes sure the data is sent and received across the network correctly and free of errors. It checks that the message is delivered completely, and sends requests to redeliver when it isn't. This is where TCP (the protocol used on the Internet) and UDP (online chat) are used.
Network Layer
This is the layer that knows where to send the packets produced in the Transport Layer. It addresses information packets by their Internet Protocol (IP) address, and also controls such things as the route of the message: which is the best and quickest way to go, and which way to go if one of the routes is broken. This layer splits the message up into small "packets" which are sent individually across the network. At the other end the packets are reassembled and passed back up the chain. This is where the information is actually sent out on the Internet.
Data Link Layer
This is the layer where the protocols control the transfer of the data across the physical network (the cables). It arranges data into frames; this is where MAC addresses and PPP are used.
Physical Layer
This layer is the combination of software and hardware programming that transfers the actual data stream from one point to another; it doesn't actually include the cables themselves. However, the technologies used are often called the same name as the type of cables (confusing).
Packet encapsulation
Each packet has the source and destination MAC, the data, and error checking: the Cyclic Redundancy Check, or CRC.
Networking Lab
Designing a network, resources, mapping

Network design
Design your network. Include: naming convention, IP range, workgroup/domain, etc.
- What type of network are we going to use?
- Is there a need for server(s)? What type of servers? Why?
- What is your user base? How many? Locations? Scalability?

Setting up your network
- Plug into the Ethernet port.
- Test for network connectivity.
- If no DHCP signal is present, set the IP range.
- If DHCP is present, document the IP information.

Configuring a custom network
- Program IP addresses to static IPs.
- What range will we use and why?
- What is all the IP information that is needed (IP, DNS, gateway, etc.)?
- Test for connectivity.

Sharing resources
- What are we going to share? Folder, name, sharing rights, file rights, user rights.
- How are we going to share them (visible, hidden)?
- Set up the share point.
- Test for connectivity.
- Adjust rights based on users' shares.

Testing
- Fully test your network.
- If there is a problem, how will you troubleshoot it?
- What are the problems you may have or have encountered in the setup of this network?

Write-up
Fully document your design, including:
- Overview of your network
- Hardware/software
- IP range and why (include numbers)
- Number of users and locations/groups
- Servers, if required