
TCP/IP

OSI = Open Systems Interconnection
ISO = International Organization for Standardization
Each TCP/IP application typically chooses to use either TCP or UDP based on the
application's requirements. For example, TCP provides error recovery, but to do so it consumes
more bandwidth and uses more processing cycles. UDP does not do error recovery, but it takes
less bandwidth and uses fewer processing cycles.
TCP provides a variety of useful features, including error recovery; in fact, TCP is best known for
its error-recovery feature.
TCP/IP defines a large collection of protocols that allow computers to communicate.

TCP/IP defines the details of each of these protocols inside documents called
Requests for Comments (RFCs).
The TCP/IP transport layer consists of two main protocol options:
the Transmission Control Protocol (TCP)
and
the User Datagram Protocol (UDP).
Same-layer interaction on different computers:
The two computers use a protocol to communicate with the same layer on another
computer. The protocol defined by each layer uses a header that is transmitted between the
computers to communicate what each computer wants to do.
Adjacent-layer interaction on the same computer:
On a single computer, one layer provides a service to a higher layer. The
software or hardware that implements the higher layer requests that the next lower layer
perform the needed function.




TCP/IP Network Interface Layer (Data Link layer)
The network interface layer defines the protocols and hardware required to deliver data across
some physical network. The term network interface refers to the fact that this layer defines
how to connect the host computer, which is not part of the network, to the network; it is the
interface between the computer and the network.
The Internet protocol suite includes not only lower-level specifications (such as TCP and IP), but
specifications for such common applications as electronic mail, terminal emulation, and file transfer. Figure
1 shows some of the more important Internet protocols and their relationship to the OSI Reference Model.
The Internet protocols are the most widely implemented multivendor protocol suite in use today. Support
for at least part of the Internet protocol suite is available from virtually every computer vendor.
TCP/IP Technology
This section describes technical aspects of TCP, IP, related protocols, and the environments in which these
protocols operate. Because the primary focus of this document is routing (a layer 3 function), the discussion
of TCP (a layer 4 protocol) will be relatively brief.
TCP
TCP is a connection-oriented transport protocol that sends data as an unstructured stream of bytes. By using
sequence numbers and acknowledgment messages, TCP can provide a sending node with delivery
information about packets transmitted to a destination node. Where data has been lost in transit from source
to destination, TCP can retransmit the data until either a timeout condition is reached or until successful
delivery has been achieved. TCP can also recognize duplicate messages and will discard them
appropriately. If the sending computer is transmitting too fast for the receiving computer, TCP can employ
flow control mechanisms to slow data transfer. TCP can also communicate delivery information to the
upper-layer protocols and applications it supports.
IP
IP is the primary layer 3 protocol in the Internet suite. In addition to internetwork routing, IP provides error
reporting and fragmentation and reassembly of information units called datagrams for transmission over
networks with different maximum data unit sizes. IP represents the heart of the Internet protocol suite.
IP addresses are globally unique, 32-bit numbers assigned by the Network Information Center. Globally
unique addresses permit IP networks anywhere in the world to communicate with each other.
An IP address is divided into three parts. The first part designates the network address, the second part
designates the subnet address, and the third part designates the host address.
IP addressing supports three different network classes. Class A networks are intended mainly for use with a
few very large networks, because they provide only 8 bits for the network address field. Class B networks
allocate 16 bits, and Class C networks allocate 24 bits for the network address field. Class C networks only
provide 8 bits for the host field, however, so the number of hosts per network may be a limiting factor. In
all three cases, the leftmost bit(s) indicate the network class. IP addresses are written in dotted decimal
format; for example, 34.0.0.1. Figure 2 shows the address formats for Class A, B, and C IP networks.


IP networks also can be divided into smaller units called subnetworks or "subnets." Subnets provide extra
flexibility for the network administrator. For example, assume that a network has been assigned a Class A
address and all the nodes on the network use a Class A address. Further assume that the dotted decimal
representation of this network's address is 34.0.0.0. (All zeros in the host field of an address specify the
entire network.) The administrator can subdivide the network using subnetting. This is done by
"borrowing" bits from the host portion of the address and using them as a subnet field.
If the network administrator has chosen to use 8 bits of subnetting, the second octet of a Class A IP address
provides the subnet number. In our example, address 34.1.0.0 refers to network 34, subnet 1; address
34.2.0.0 refers to network 34, subnet 2, and so on.
The number of bits that can be borrowed for the subnet address varies. To specify how many bits are used
and where they are located in the host field, IP provides subnet masks. Subnet masks use the same format
and representation technique as IP addresses. Subnet masks have ones in all bits except those that specify
the host field. For example, the subnet mask that specifies 8 bits of subnetting for Class A address 34.0.0.0
is 255.255.0.0. The subnet mask that specifies 16 bits of subnetting for Class A address 34.0.0.0 is
255.255.255.0. Both of these subnet masks are pictured in Figure 4. Subnet masks can be passed through a
network on demand so that new nodes can learn how many bits of subnetting are being used on their
network.
As IP subnets have grown, administrators have looked for ways to use their address space more efficiently.
One of the techniques that has resulted is called Variable Length Subnet Masks (VLSM). With VLSM, a
network administrator can use a long mask on networks with few hosts and a short mask on subnets with
many hosts. However, this technique is more complex than making them all one size, and addresses must
be assigned carefully.
Of course in order to use VLSM, a network administrator must use a routing protocol that supports it. Cisco
routers support VLSM with Open Shortest Path First (OSPF), Integrated Intermediate System to
Intermediate System (Integrated IS-IS), Enhanced Interior Gateway Routing Protocol (Enhanced IGRP),
and static routing.
On some media, such as IEEE 802 LANs, IP addresses are dynamically discovered through the use of two
other members of the Internet protocol suite: Address Resolution Protocol (ARP) and Reverse Address
Resolution Protocol (RARP). ARP uses broadcast messages to determine the hardware (MAC layer)
address corresponding to a particular network-layer address. ARP is sufficiently generic to allow use of IP
with virtually any type of underlying media access mechanism. RARP uses broadcast messages to
determine the network-layer address associated with a particular hardware address. RARP is especially
important to diskless nodes, for which network-layer addresses usually are unknown at boot time.






TCP/IP Architectural Model and Examples
TCP/IP Architecture Layer    Example Protocols
Application                  HTTP, SMTP, TFTP, FTP, TELNET
Transport                    TCP, UDP
Internet                     IP
Network Access               Ethernet, FDDI, ATM, Frame Relay

TCP/IP Architectural Model and OSI Model

TCP/IP protocol
Application ---------------------------------- (HTTP)
Transport ------------------------------------ (UDP, TCP)
Internet ------------------------------------- (IP) **********Only
Network Access ------------------------------- (Ethernet, PPP, HDLC, Frame Relay)

[Figure: the TCP/IP layers (Application, Transport, Internet, Network Access) beside the OSI layers (7) Application, (6) Presentation, (5) Session, (4) Transport, (3) Network, (2) Data Link, (1) Physical, with the OSI layers grouped into Application Layers and Data Flow Layers.]


A PC sends out frames, which hold packets, which hold segments. The IP packet header
holds the source and destination addresses, and the segment holds the data from the
application layer.
TCP/IP Encapsulation
Frame (L2)
Packet (only adds header (L3))
Segment (L4)


Network Access uses WAN and LAN protocols to move packets from the source to the
destination. Where the frame is in the network decides which Network Access
protocol is used, a WAN or a LAN protocol.
LAN protocols = Ethernet protocol (MAC addresses)
WAN protocols = PPP, HDLC, Frame Relay (holds the type of packet)
LAN protocols work with = PC <---------> Switch <--------> PC
WAN protocols work with = Router <---------> Router
IP is the only Transport protocol layer in TCP/IP.
TCP/IP Encapsulation
1) Application = Data
2) TCP + Data = Transport
3) IP + TCP + Data = Internet = Packet
4) LH + IP + TCP + Data + LT = Network Access = Frame
5) Transmit Frame
*****LH = Link Header
*****LT = Link Trailer
[Figure: encapsulated frame (Ethernet (LH), IP, TCP & Data, Ethernet (LT)) with its Internet, Transport and Application layer labels, carried over WAN and LAN links between routers, PCs and switches.]


Ethernet headers and trailers hold the source MAC address and destination MAC address.
The maximum transmission unit (MTU) in 802.3 standard Ethernet is 1500 bytes.

802.3      Standard Ethernet    10 Mbps      10baseT       100 m (Copper)
802.3u     Fast Ethernet        100 Mbps     1000basetx    100 m (Copper)
802.3z     Gigabit Ethernet     1000 Mbps    1000baseLX    5 km (Fiber)
                                             1000baseSX    550 m (Fiber)
802.3ab    Gigabit Ethernet     1000 Mbps    1000baseT     100 m (Copper)

T = Twisted Pair
TX = Fast Ethernet














Typical Features of OSI Layer 3
A protocol that defines routing and addressing is considered to be a network layer (Layer 3)
protocol. OSI does define a unique Layer 3 protocol called Connectionless Network Services
(CLNS).
Layer 3 protocols, which deal with ROUTING and ADDRESSING:
Internet Protocol (IP)
Novell Internetwork Packet Exchange (IPX)
AppleTalk Datagram Delivery Protocol (DDP)
*****Ethernet LANs use MAC
*****TCP/IP uses IP addresses to get from one PC to another (route).
NETWORK LAYER (LAYER 3)
ADDRESSING
In TCP/IP this group is called a NETWORK or SUBNET.
In IPX, it is called a NETWORK.
In AppleTalk, the grouping is called a CABLE RANGE.
These groupings work just like U.S.P.S. ZIP codes, allowing the routers (mail sorters) to speedily
route (sort) lots of packets (letters).
The routing table for each network layer protocol can have one entry for the group, not one
entry for each individual IP address. A router needing to forward packets to any of those hosts
needs one entry in its IP routing table. This basic fact is one of the key reasons that routers can
scale to allow tens and hundreds of thousands of devices.
A ROUTING PROTOCOL learns routes and puts those routes in a routing table.
A ROUTED PROTOCOL is the type of packet forwarded, or routed, through a network.
IP would be the ROUTED PROTOCOL.
Routing Information Protocol (RIP), which is used to learn routes, would be considered the
ROUTING PROTOCOL.


Typical Features of OSI Layer 4
The transport layer (Layer 4) defines several functions, the most important of which are error
recovery and flow control.
Routers discard packets for many reasons, including:
Bit errors
Network congestion
Instances in which no routes are known

OSI transport layer features:
Connection-oriented or connectionless
Error recovery
Reliability
Flow control
Segmenting

TCP provides a variety of useful features, including error recovery. In fact, TCP is best known for
its error-recovery feature, but it does more.
TCP performs the following functions:
Multiplexing using port numbers
Error recovery (reliability)
Flow control using windowing
Connection establishment and termination
End-to-end ordered data transfer
Segmentation

TCP relies on IP for end-to-end delivery of the data, including routing issues.

TCP and UDP both use a concept called multiplexing.

UDP data transfer differs from TCP data transfer in that no reordering or recovery is
accomplished.

The Transmission Control Protocol (TCP) and the User Datagram Protocol
(UDP) are two specific transport layer protocols; they are Layer 4
protocols.

Typical Features of OSI Layer 4
The transport layer (Layer 4) defines several functions, the most important of which are:
Connection-oriented or connectionless - Defines whether the protocol
establishes some correlation between two endpoints before any user data is allowed to be
transferred (connection-oriented) or not (connectionless).

Error recovery - The process of noticing errors or lost segments and causing them
to be resent.

Reliability - Another term for error recovery.

Flow control - The process that controls the rate at which data is transferred between two
endpoints.

Segmenting application data - Application layer protocols may need to send
large chunks of data, much larger than can fit inside one IP packet. The transport layer is
responsible for segmenting the larger data into pieces, called SEGMENTS, that can fit
inside a packet.






Multiplexing using TCP port Numbers
TCP and UDP both use a concept called multiplexing.
Multiplexing by TCP and UDP involves the process of how a computer thinks when receiving data.
The computer might be running many applications, such as a web browser, an e-mail package, or
an FTP client. TCP and UDP multiplexing enables the receiving computer to know which
application to give the data to.
TCP and UDP solve this problem by using a port number field in the TCP or UDP header,
respectively.
Multiplexing relies on the use of a concept called a SOCKET. A socket consists of three things:
An IP address (xxxx.xxxx.xxxx.xxxx)
A transport protocol (UDP, TCP)
A port number (23, 21, 53, 110)

The fact that each connection between two sockets is unique means that you can use multiple
applications at the same time, talking to applications running on the same or different computers;
multiplexing, based on sockets, ensures that the data is delivered to the correct applications.
The transport protocols UDP and TCP use port numbers as well. 1030 is a port number used
by the TCP/UDP connection. Port numbers start at 1024 because ports below 1024 are
reserved for well-known applications, such as web servers on port 80.
PC clients are required to include both the source and the destination port numbers; the
port number used by the server must be the well-known one.

Source port numbers (sockets)    Destination port numbers (sockets)
PC client ports                  Web server ports
1024                             80
1030                             80
1040                             80


The TCP header and the data (application) field together are called a TCP segment, or L4PDU
(Layer 4 Protocol Data Unit).



Popular applications and their well-known port numbers
Port Number    Protocol    Application

20             TCP         FTP data
21             TCP         FTP control
23             TCP         Telnet
25             TCP         SMTP
53             UDP/TCP     DNS
67, 68         UDP/TCP     DHCP
69             UDP         TFTP
80             TCP         HTTP (WWW)
110            TCP         POP3
161            UDP         SNMP
Error Recovery (Reliability)
TCP provides for reliable data transfer, which is also called RELIABILITY or ERROR RECOVERY,
depending on what document you read. To accomplish reliability, TCP numbers data bytes using
the Sequence and Acknowledgment fields in the TCP header. TCP achieves reliability in both
directions, using the Sequence Number field in one direction combined with the
Acknowledgment field in the opposite direction.


Flow control using Windowing
TCP implements flow control by taking advantage of the Sequence and Acknowledgment fields in
the TCP header, along with another field called the Window field. This Window field implies the
maximum number of unacknowledged bytes allowed outstanding at any instant in time. The
window starts small and then grows until errors occur. The window then slides up and down
based on network performance. So it is sometimes called a Sliding Window. When the window
is full, the sender will not send, which controls the flow of data.

Connection Establishment and Termination
TCP connection establishment occurs before any of the other TCP features can begin their work.
Connection establishment refers to the process of initializing sequence and acknowledgment
fields and agreeing to port numbers used.
TCP connection establishment is a THREE-WAY CONNECTION ESTABLISHMENT flow that
must be completed before data can begin. The connection exists between the two
sockets, although there is no single socket field in the TCP header. Of the three parts of a
socket, the IP addresses are implied based on the source and destination IP addresses in the IP
header. TCP is implied because a TCP header is in use,

TCP connection termination is a four-way termination sequence that is
straightforward and uses an additional flag, called the FIN bit. (FIN is short for
FINISHED.)

Connectionless and Connection-Oriented Protocols
The terms connection-oriented and connectionless have some relatively well-known
connotations inside the world of networking protocols. The meaning of the term is intertwined
with error recovery and flow control, but they are not the same.
Connection-oriented protocol - A protocol that either requires an exchange
of messages before data transfer begins or has a required pre-established
correlation between two endpoints.

Connectionless protocol - A protocol that does not require an exchange of
messages and that does not require a pre-established correlation between two
endpoints.



TCP is indeed connection-oriented because of the set of three messages that establish a TCP
connection. Likewise, Sequenced Packet Exchange (SPX), a transport layer protocol from Novell,
is connection-oriented. When using permanent virtual circuits (PVCs), Frame Relay does not
require any messages to be sent ahead of time, but it does require predefinition in the Frame
Relay switches, establishing a connection between two Frame Relay-attached devices.
Many people confuse the real meaning of connection-oriented with the definition of a
reliable, or error-recovering, protocol. TCP happens to do both, but just because a
protocol is connection-oriented does not mean that it also performs error recovery.


Protocol Characteristics: Recovery and Connections
Connected?             Reliable?    Examples

Connection-oriented    Yes          LLC Type 2 (802.2), TCP, Novell SPX
Connection-oriented    No           Frame Relay VC, ATM VCs, PPP
Connectionless         Yes          TFTP, NetWare NCP (no Packet Burst)
Connectionless         No           UDP, IP, most Layer 3 protocols

Data Segmentation and Ordered Data Transfer
Each different type of data link protocol typically has a limit on the Maximum
Transmission Unit (MTU) that can be sent. MTU refers to the size of the data
according to the data link layer; in other words, the size of the Layer 3 packet that sits inside the
data field of a frame. For many data link protocols, Ethernet included, the
MTU is 1500 bytes.
TCP handles the fact that an application might give it millions of bytes to send by segmenting
the data into smaller pieces, called segments. Because an IP packet can often be no more than
1500 bytes, and because the IP and TCP headers are 20 bytes each, TCP typically segments large data
into 1460-byte (or smaller) segments.


You should also be aware of some terminology related to TCP segmentation. The TCP
header, along with the data field, together is called a TCP SEGMENT.

The term L4PDU can also be used instead of the term TCP segment because TCP is a
Layer 4 protocol.



TCP Function Summary
Function - Description
Multiplexing - Function that allows the receiving host to decide the correct application for
which the data is destined, based on the port number.
Error recovery (reliability) - Process of numbering and acknowledging data with the Sequence
and Acknowledgment header fields.
Flow control using windowing - Process that uses window sizes to protect buffer space
and routing devices.
Connection establishment and termination - Process used to initialize port
numbers and the Sequence and Acknowledgment fields.
Ordered data transfer and data segmentation - Continuous stream of bytes from an
upper-layer process that is segmented for transmission and delivered to the upper-
layer process at the receiving device, with the bytes in the same order.
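
The header fields named in the summary above (ports, Sequence, Acknowledgment, Window, flags) can be read straight out of a segment. The following is an added example, not part of the original notes: it parses the fixed 20-byte TCP header, checks that three segments form a valid three-way handshake, and computes how many bytes the window still allows. The ports 1030 and 80 come from the notes; the initial sequence numbers, window size and function names are constructed for illustration.

```python
# Added example (not from the original notes): reading the TCP header fields,
# validating a three-way handshake and applying the window limit.
import struct
from collections import namedtuple

TcpHeader = namedtuple("TcpHeader", "src_port dst_port seq ack header_len flags window")
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
SEQ_SPACE = 2 ** 32  # Sequence and Acknowledgment numbers are 32-bit and wrap around


def build_segment(src_port, dst_port, seq, ack, flags, window, payload=b""):
    """Build a constructed sample segment: 20-byte header, checksum left at 0."""
    bits = sum(FLAG_BITS[name] for name in set(flags))
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         (5 << 12) | bits, window, 0, 0)
    return header + payload


def parse_tcp_header(segment):
    """Extract ports, sequence/acknowledgment numbers, flags and window."""
    if len(segment) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    src, dst, seq, ack, off_flags, window = struct.unpack("!HHIIHH", segment[:16])
    header_len = (off_flags >> 12) * 4          # data offset is in 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset does not fit the segment")
    flags = frozenset(name for name, bit in FLAG_BITS.items() if off_flags & bit)
    return TcpHeader(src, dst, seq, ack, header_len, flags, window)


def check_three_way_handshake(segments):
    """Return None when the segments form a valid handshake, else the reason."""
    if len(segments) != 3:
        return "a handshake is exactly three segments"
    syn, syn_ack, ack = (parse_tcp_header(s) for s in segments)
    if syn.flags != {"SYN"}:
        return "first segment is not a bare SYN"
    if syn_ack.flags != {"SYN", "ACK"}:
        return "second segment is not SYN+ACK"
    if (syn_ack.src_port, syn_ack.dst_port) != (syn.dst_port, syn.src_port):
        return "second segment does not mirror the client's ports"
    if syn_ack.ack != (syn.seq + 1) % SEQ_SPACE:
        return "SYN+ACK does not acknowledge client ISN + 1"
    if ack.flags != {"ACK"}:
        return "third segment is not a bare ACK"
    if (ack.src_port, ack.dst_port) != (syn.src_port, syn.dst_port):
        return "third segment uses different ports"
    if ack.seq != (syn.seq + 1) % SEQ_SPACE:
        return "third segment has the wrong sequence number"
    if ack.ack != (syn_ack.seq + 1) % SEQ_SPACE:
        return "final ACK does not acknowledge server ISN + 1"
    return None


def bytes_sendable(last_ack, next_seq, window):
    """Bytes the sender may still transmit before the window is full."""
    outstanding = (next_seq - last_ack) % SEQ_SPACE   # sent but unacknowledged
    return max(0, window - outstanding)


# Constructed sample: client port 1030 to web server port 80, ISNs 1000 and 5000.
HANDSHAKE = [
    build_segment(1030, 80, 1000, 0, ["SYN"], 3000),
    build_segment(80, 1030, 5000, 1001, ["SYN", "ACK"], 3000),
    build_segment(1030, 80, 1001, 5001, ["ACK"], 3000),
]

if __name__ == "__main__":
    for raw in HANDSHAKE:
        print(parse_tcp_header(raw))
    print("handshake problem:", check_three_way_handshake(HANDSHAKE))
    print("sendable with 1000 bytes outstanding:", bytes_sendable(1001, 2001, 3000))
```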
The User Datagram Protocol
UDP provides a service for applications to exchange messages. Unlike TCP, UDP is
connectionless and provides:
NO reliability
NO windowing
NO reordering of the received data

However, UDP provides some functions of TCP. It does provide:
Data transfer
Segmentation
Multiplexing using port numbers

And it does it with fewer bytes of overhead and with less processing required.

IP ADDRESSING DEFINITIONS
If a device wants to communicate using TCP/IP, it needs an IP address.
When the device has an IP address and the appropriate software and hardware, it can send and
receive IP packets.
Any device that can send and receive IP packets is called an IP host.
An IP address consists of a 32-bit number, usually written in dotted-decimal notation. The
decimal part of the term comes from the fact that each byte (8 bits) of the 32-bit address is
converted to its decimal equivalent.
The four resulting decimal numbers are written in sequence, with dots, or decimal points,
separating the numbers, hence the name dotted-decimal.
Each of the decimal numbers in an IP address is called an octet. The term octet is just a vendor-
neutral term used instead of byte. So, for an IP address of 168.1.1.1, the first octet is 168, the second
octet is 1, and so on.
The range of decimal numbers in each octet is between 0 and 255, inclusive.







Data Encapsulation
The term encapsulation describes the process of putting headers and trailers around
some data.

The complete process of data encapsulation with TCP/IP is a FIVE-STEP process.

This includes the typical encapsulation by the application, transport, network, and network
interface (referred to as data link) layers as steps 1 through 4 in the five-step process. The
fifth step is the physical layer's transmission of the bit stream.
STEP 1
Create the application data and headers - This simply means that the application has the data
to send.
STEP 2
Package the data for transport - In other words, the transport layer (TCP or UDP) creates the
transport header and places the data behind it.
STEP 3
Add the destination and source network layer addresses to the data - The network layer
creates the network header, which includes the network layer addresses, and places the data
behind it.
STEP 4
Add the destination and source data link layer addresses to the data - The data link layer
creates the data link header, places the data behind it, and places the data link trailer at the
end.
STEP 5
Transmit the bits - The physical layer encodes a signal onto the medium to transmit the frame.
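
Steps 1 through 4 above, together with the earlier note that a 1500-byte MTU leaves 1460 bytes of data per TCP segment, can be followed byte by byte. This is an added example, not part of the original notes: it segments application data, wraps each segment in an IPv4 header and an Ethernet header and trailer, and lets the sizes be checked against the MTU. The addresses, MAC addresses, ports, window value and function names are constructed for illustration, and the TCP checksum is left at zero.

```python
# Added example (not from the original notes): steps 1 to 4 of encapsulation.
# Step 5 (transmitting the bits) is left to the physical layer.
import struct
import zlib

MTU = 1500
IP_HEADER_LEN = 20
TCP_HEADER_LEN = 20
MSS = MTU - IP_HEADER_LEN - TCP_HEADER_LEN      # 1460 bytes of data per segment
ETH_HEADER_LEN, ETH_TRAILER_LEN = 14, 4


def internet_checksum(header):
    """16-bit one's-complement sum used for the IPv4 header checksum."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def tcp_segments(data, src_port, dst_port, first_seq):
    """Step 2: cut the application data into segments of at most MSS bytes."""
    segments = []
    for offset in range(0, len(data), MSS):
        header = struct.pack("!HHIIHHHH", src_port, dst_port,
                             (first_seq + offset) % 2 ** 32, 0,
                             (5 << 12) | 0x10,   # 20-byte header, ACK flag
                             8192, 0, 0)         # window; checksum not computed
        segments.append(header + data[offset:offset + MSS])
    return segments


def ip_packet(segment, src_ip, dst_ip, ident):
    """Step 3: add the network header with source and destination addresses."""
    def pack(checksum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, IP_HEADER_LEN + len(segment),
                           ident & 0xFFFF, 0, 64, 6, checksum,
                           bytes(map(int, src_ip.split("."))),
                           bytes(map(int, dst_ip.split("."))))
    return pack(internet_checksum(pack(0))) + segment


def ethernet_frame(packet, src_mac, dst_mac):
    """Step 4: link header (LH) in front of the packet, link trailer (LT) behind."""
    if len(packet) > MTU:
        raise ValueError("packet exceeds the 1500-byte MTU")
    header = (bytes.fromhex(dst_mac.replace(":", "")) +
              bytes.fromhex(src_mac.replace(":", "")) +
              struct.pack("!H", 0x0800))         # type field: IPv4
    body = header + packet
    return body + struct.pack("<I", zlib.crc32(body))   # trailer: CRC-32 check


def encapsulate(data, src_ip, dst_ip, src_port, dst_port, src_mac, dst_mac, first_seq=1):
    """Step 1 is the data itself; steps 2 to 4 are applied to every segment."""
    frames = []
    for ident, segment in enumerate(tcp_segments(data, src_port, dst_port, first_seq)):
        packet = ip_packet(segment, src_ip, dst_ip, ident)
        frames.append(ethernet_frame(packet, src_mac, dst_mac))
    return frames


def payload_of(frame):
    """Undo the encapsulation: strip LH, IP header, TCP header and LT."""
    return frame[ETH_HEADER_LEN + IP_HEADER_LEN + TCP_HEADER_LEN:-ETH_TRAILER_LEN]


# Constructed sample input: 4000 bytes of application data.
SAMPLE_DATA = b"A" * 4000
SAMPLE_ARGS = ("172.16.1.10", "172.16.2.20", 1030, 80,
               "02:00:00:00:00:01", "02:00:00:00:00:02")

if __name__ == "__main__":
    for frame in encapsulate(SAMPLE_DATA, *SAMPLE_ARGS):
        print("frame", len(frame), "bytes, data", len(payload_of(frame)), "bytes")
```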






Internet Protocols

Background

Internet Protocol (IP)
The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing
information and some control information that enables packets to be routed. IP is
documented in RFC 791 and is the primary network-layer protocol in the Internet
protocol suite. Along with the Transmission Control Protocol (TCP), IP represents the
heart of the Internet protocols. IP has two primary responsibilities: providing
connectionless, best-effort delivery of datagrams through an internetwork; and providing
fragmentation and reassembly of datagrams to support data links with different
maximum-transmission unit (MTU) sizes.







IP Addressing
As with any other network-layer protocol, the IP addressing scheme is integral to
the process of routing IP datagrams through an internetwork. Each IP address
has specific components and follows a basic format. These IP addresses can be
subdivided and used to create addresses for subnetworks, as discussed in more detail
later in this chapter.
Each host on a TCP/IP network is assigned a unique 32-bit logical address that is
divided into two main parts: the network number and the host number. The network
number identifies a network and must be assigned by the Internet Network Information
Center (InterNIC) if the network is to be part of the Internet. An Internet Service Provider
(ISP) can obtain blocks of network addresses from the InterNIC and can itself assign
address space as necessary. The host number identifies a host on a network and is
assigned by the local network administrator.
IP Address Format
The 32-bit IP address is grouped eight bits at a time, separated by dots, and represented
in decimal format (known as dotted decimal notation). Each bit in the octet has a binary
weight (128, 64, 32, 16, 8, 4, 2, 1). The minimum value for an octet is 0, and the
maximum value for an octet is 255. Figure 30-3 illustrates the basic format of an IP address.
Figure 30-3 An IP address consists of 32 bits, grouped into four octets.












IP Address Classes
IP addressing supports five different address classes: A, B, C, D, and E. Only classes A, B, and C are
available for commercial use. The left-most (high-order) bits indicate the network class. Table 30-1 provides
reference information about the five IP address classes.
Table 30-1 Reference Information About the Five IP Address Classes
IP Address Class   Format        Purpose                          High-Order Bit(s)   Address Range                  No. Bits Network/Host          Max. Hosts
A                  N.H.H.H [1]   Few large organizations          0                   1.0.0.0 to 126.0.0.0           7/24                           16777214 [2] (2^24 - 2)
B                  N.N.H.H       Medium-size organizations        1, 0                128.1.0.0 to 191.254.0.0       14/16                          65534 (2^16 - 2)
C                  N.N.N.H       Relatively small organizations   1, 1, 0             192.0.1.0 to 223.255.254.0     21/8                           254 (2^8 - 2)
D                  N/A           Multicast groups (RFC 1112)      1, 1, 1, 0          224.0.0.0 to 239.255.255.255   N/A (not for commercial use)   N/A
E                  N/A           Experimental                     1, 1, 1, 1          240.0.0.0 to 254.255.255.255   N/A                            N/A
[1] N = Network number, H = Host number.
[2] One address is reserved for the broadcast address, and one address is reserved for the network.

Figure 30-4 illustrates the format of the commercial IP address classes. (Note the high-order bits in each class.)
Figure 30-4 IP address formats A, B, and C are available for commercial use.



The class of address can be determined easily by examining the first octet of the
address and mapping that value to a class range in the following table. In an IP address
of 172.31.1.2, for example, the first octet is 172. Because 172 falls between 128 and
191, 172.31.1.2 is a Class B address. Figure 30-5 summarizes the range of possible values for the
first octet of each address class.
Figure 30-5 A range of possible values exists for the first octet of each address class.

IP Subnet Addressing
IP networks can be divided into smaller networks called subnetworks (or subnets).
Subnetting provides the network administrator with several benefits, including extra
flexibility, more efficient use of network addresses, and the capability to contain
broadcast traffic (a broadcast will not cross a router).
Subnets are under local administration. As such, the outside world sees an organization
as a single network and has no detailed knowledge of the organization's internal
structure.
A given network address can be broken up into many subnetworks. For example,
172.16.1.0, 172.16.2.0, 172.16.3.0, and 172.16.4.0 are all subnets within network
171.16.0.0. (All 0s in the host portion of an address specify the entire network.)









IP Subnet Mask
A subnet address is created by "borrowing" bits from the host field and designating them
as the subnet field. The number of borrowed bits varies and is specified by the subnet
mask. Figure 30-6 shows how bits are borrowed from the host address field to create the subnet
address field.
Figure 30-6 Bits are borrowed from the host address field to create the subnet
address field.

Subnet masks use the same format and representation technique as IP addresses. The subnet mask,
however, has binary 1s in all bits specifying the network and subnetwork fields, and binary 0s in all bits
specifying the host field. Figure 30-7 illustrates a sample subnet mask.
Figure 30-7 A sample subnet mask consists of all binary 1s and 0s.

Subnet mask bits should come from the high-order (left-most) bits of the host field, as Figure 30-8 illustrates. Details of
Class B and C subnet mask types follow. Class A addresses are not discussed in this chapter because they
generally are subnetted on an 8-bit boundary.








Figure 30-8 Subnet mask bits come from the high-order bits of the host field.

Various types of subnet masks exist for Class B and C subnets.
The default subnet mask for a Class B address that has no subnetting is 255.255.0.0,
while the subnet mask for a Class B address 171.16.0.0 that specifies eight bits of
subnetting is 255.255.255.0. The reason for this is that eight bits of subnetting or 2^8 - 2
(1 for the network address and 1 for the broadcast address) = 254 subnets possible, with
2^8 - 2 = 254 hosts per subnet.
The subnet mask for a Class C address 192.168.2.0 that specifies five bits of subnetting
is 255.255.255.248. With five bits available for subnetting, 2^5 - 2 = 30 subnets possible,
with 2^3 - 2 = 6 hosts per subnet.
The reference charts shown in table 30-2 and table 30-3 can be used when planning
Class B and C networks to determine the required number of subnets and hosts, and the
appropriate subnet mask.















Table 30-2 Class B Subnetting Reference Chart
Number of Bits Subnet Mask Number of Subnets Number of Hosts
2 255.255.192.0 2 16382
3 255.255.224.0 6 8190
4 255.255.240.0 14 4094
5 255.255.248.0 30 2046
6 255.255.252.0 62 1022
7 255.255.254.0 126 510
8 255.255.255.0 254 254
9 255.255.255.128 510 126
10 255.255.255.192 1022 62
11 255.255.255.224 2046 30
12 255.255.255.240 4094 14
13 255.255.255.248 8190 6
14 255.255.255.252 16382 2

Table 30-3 Class C Subnetting Reference Chart
Number of Bits Subnet Mask Number of Subnets Number of Hosts
2 255.255.255.192 2 62
3 255.255.255.224 6 30
4 255.255.255.240 14 14
5 255.255.255.248 30 6
6 255.255.255.252 62 2








How Subnet Masks are Used to Determine the Network Number
The router performs a set process to determine the network (or more specifically, the
subnetwork) address. First, the router extracts the IP destination address from the
incoming packet and retrieves the internal subnet mask. It then performs a logical AND
operation to obtain the network number. This causes the host portion of the IP
destination address to be removed, while the destination network number remains. The
router then looks up the destination network number and matches it with an outgoing
interface. Finally, it forwards the frame to the destination IP address. Specifics regarding
the logical AND operation are discussed in the following section.

Logical AND Operation
Three basic rules govern logically "ANDing" two binary numbers. First, 1 "ANDed" with 1
yields 1. Second, 1 "ANDed" with 0 yields 0. Finally, 0 "ANDed" with 0 yields 0. The truth
table provided in table 30-4 illustrates the rules for logical AND operations.
Table 30-4 Rules for Logical AND Operations
Input Input Output
1 1 1
1 0 0
0 1 0
0 0 0

Two simple guidelines exist for remembering logical AND operations: Logically "ANDing"
a 1 with a 1 yields the original value, and logically "ANDing" a 0 with any number yields
0.
Figure 30-9 illustrates that when a logical AND of the destination IP address and the subnet mask is
performed, the subnetwork number remains, which the router uses to forward the
packet.
Figure 30-9 Applying a logical AND to the destination IP address and the subnet
mask produces the subnetwork number.
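
The router's procedure described above (extract the destination, AND it with the mask, match the result to an outgoing interface) is carried through in the following added example, which is not part of the original text. It also reproduces the first-octet class ranges of Table 30-1 and the 2^n - 2 arithmetic of Tables 30-2 and 30-3, and goes one step beyond the text by letting the longest mask win when several entries match, as VLSM requires. The routing table, interface names and function names are constructed for illustration.

```python
# Added example (not from the original text): address class lookup, subnet
# planning and the router's logical AND step with a constructed routing table.

def ip_to_int(dotted):
    """Convert dotted decimal to a 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() and int(p) <= 255
                                  for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for part in parts:
        value = (value << 8) | int(part)
    return value


def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


# First-octet ranges as listed in Table 30-1.
CLASS_RANGES = (("A", 1, 126), ("B", 128, 191), ("C", 192, 223),
                ("D", 224, 239), ("E", 240, 254))
CLASS_NETWORK_BITS = {"A": 8, "B": 16, "C": 24}


def address_class(dotted):
    """Map the first octet to its class; None if it is outside the table."""
    first_octet = ip_to_int(dotted) >> 24
    for name, low, high in CLASS_RANGES:
        if low <= first_octet <= high:
            return name
    return None


def is_contiguous_mask(mask):
    """A usable mask is all 1s followed by all 0s (borrowed bits are high-order)."""
    inverted = ~ip_to_int(mask) & 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0


def subnet_plan(address_cls, borrowed_bits):
    """Return (mask, subnets, hosts per subnet) as in Tables 30-2 and 30-3."""
    host_bits = 32 - CLASS_NETWORK_BITS[address_cls] - borrowed_bits
    if borrowed_bits < 2 or host_bits < 2:
        raise ValueError("the charts run from 2 borrowed bits down to 2 host bits")
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    # The text subtracts 2 from both counts (network and broadcast values).
    return int_to_ip(mask), 2 ** borrowed_bits - 2, 2 ** host_bits - 2


def network_number(destination, mask):
    """Logical AND: host bits become 0, network and subnet bits remain."""
    if not is_contiguous_mask(mask):
        raise ValueError(f"mask is not contiguous: {mask}")
    return int_to_ip(ip_to_int(destination) & ip_to_int(mask))


def outgoing_interface(destination, routes):
    """Match the ANDed destination against each entry; the longest mask wins."""
    best_mask, best_interface = -1, None
    for network, mask, interface in routes:
        if network_number(destination, mask) == network and ip_to_int(mask) > best_mask:
            best_mask, best_interface = ip_to_int(mask), interface
    return best_interface


# Constructed routing table: (network, mask, interface); names are hypothetical.
ROUTES = [
    ("172.16.0.0", "255.255.0.0", "Serial0"),
    ("172.16.1.0", "255.255.255.0", "Ethernet0"),
    ("172.16.2.0", "255.255.255.0", "Ethernet1"),
    ("172.16.2.128", "255.255.255.192", "Ethernet2"),
]

if __name__ == "__main__":
    print(address_class("172.31.1.2"), subnet_plan("B", 5))
    for dst in ("172.16.2.5", "172.16.2.130", "172.16.9.9", "10.1.1.1"):
        print(dst, "->", outgoing_interface(dst, ROUTES))
```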



Address Resolution Protocol (ARP) Overview
For two machines on a given network to communicate, they must know the other
machine's physical (or MAC) addresses. By broadcasting Address Resolution Protocols
(ARPs), a host can dynamically discover the MAC-layer address corresponding to a
particular IP network-layer address.
After receiving a MAC-layer address, IP devices create an ARP cache to store the
recently acquired IP-to-MAC address mapping, thus avoiding having to broadcast ARPs
when they want to recontact a device. If the device does not respond within a specified
time frame, the cache entry is flushed.
In addition, the Reverse Address Resolution Protocol (RARP) is used to map MAC-layer
addresses to IP addresses. RARP, which is the logical inverse of ARP, might be
used by diskless workstations that do not know their IP addresses when they boot.
RARP relies on the presence of a RARP server with table entries of MAC-layer-to-IP
address mappings.
Internet Routing
Internet routing devices traditionally have been called gateways. In today's terminology,
however, the term gateway refers specifically to a device that performs application-layer
protocol translation between devices. Interior gateways refer to devices that perform
these protocol functions between machines or networks under the same administrative
control or authority, such as a corporation's internal network. These are known as
autonomous systems. Exterior gateways perform protocol functions between
independent networks.
Routers within the Internet are organized hierarchically. Routers used for information
exchange within autonomous systems are called interior routers, which use a variety of
Interior Gateway Protocols (IGPs) to accomplish this purpose. The Routing Information
Protocol (RIP) is an example of an IGP.
Routers that move information between autonomous systems are called exterior routers.
These routers use an exterior gateway protocol to exchange information between
autonomous systems. The Border Gateway Protocol (BGP) is an example of an exterior
gateway protocol.


Note: Specific routing protocols, including BGP and RIP, are addressed in individual chapters
presented in Part 6 later in this book.

IP Routing
IP routing protocols are dynamic. Dynamic routing calls for routes to be calculated automatically
at regular intervals by software in routing devices. This contrasts with static routing, where routes
are established by the network administrator and do not change until the network administrator
changes them.
An IP routing table, which consists of destination address/next hop pairs, is used to enable
dynamic routing. An entry in this table, for example, would be interpreted as follows: to get to
network 172.31.0.0, send the packet out Ethernet interface 0 (E0).


IP routing specifies that IP datagrams travel through internetworks one hop at a time. The entire
route is not known at the onset of the journey, however. Instead, at each stop, the next
destination is calculated by matching the destination address within the datagram with an entry in
the current node's routing table.
Each node's involvement in the routing process is limited to forwarding packets based on internal
information. The nodes do not monitor whether the packets get to their final destination, nor does
IP provide for error reporting back to the source when routing anomalies occur. This task is left to
another Internet protocol, the Internet Control-Message Protocol (ICMP), which is discussed in
the following section.
Internet Control Message Protocol (ICMP)
The Internet Control Message Protocol (ICMP) is a network-layer Internet protocol that provides
message packets to report errors and other information regarding IP packet processing back to
the source. ICMP is documented in RFC 792.
ICMP Messages
ICMPs generate several kinds of useful messages, including Destination Unreachable, Echo
Request and Reply, Redirect, Time Exceeded, and Router Advertisement and Router Solicitation.
If an ICMP message cannot be delivered, no second one is generated. This is to avoid an
endless flood of ICMP messages.
When an ICMP destination-unreachable message is sent by a router, it means that the router is
unable to send the packet to its final destination. The router then discards the original packet.
Two reasons exist for why a destination might be unreachable. Most commonly, the source host
has specified a nonexistent address. Less frequently, the router does not have a route to the
destination.
Destination-unreachable messages include four basic types: network unreachable, host
unreachable, protocol unreachable, and port unreachable. Network-unreachable messages
usually mean that a failure has occurred in the routing or addressing of a packet. Host-unreachable
messages usually indicate delivery failure, such as a wrong subnet mask. Protocol-unreachable
messages generally mean that the destination does not support the upper-layer
protocol specified in the packet. Port-unreachable messages imply that the TCP socket or port is
not available.
An ICMP echo-request message, which is generated by the ping command, is sent by any host to
test node reachability across an internetwork. The ICMP echo-reply message indicates that the
node can be successfully reached.
An ICMP Redirect message is sent by the router to the source host to stimulate more efficient
routing. The router still forwards the original packet to the destination. ICMP redirects allow host
routing tables to remain small because it is necessary to know the address of only one router,
even if that router does not provide the best path. Even after receiving an ICMP Redirect
message, some devices might continue using the less-efficient route.
An ICMP Time-exceeded message is sent by the router if an IP packet's Time-to-Live field
(expressed in hops or seconds) reaches zero. The Time-to-Live field prevents packets from
continuously circulating the internetwork if the internetwork contains a routing loop. The router
then discards the original packet.






ICMP Router-Discovery Protocol (IRDP)
IRDP uses Router-Advertisement and Router-Solicitation messages to discover the addresses of
routers on directly attached subnets. Each router periodically multicasts Router-Advertisement
messages from each of its interfaces. Hosts then discover addresses of routers on directly
attached subnets by listening for these messages. Hosts can use Router-Solicitation messages to
request immediate advertisements rather than waiting for unsolicited messages.
IRDP offers several advantages over other methods of discovering addresses of neighboring
routers. Primarily, it does not require hosts to recognize routing protocols, nor does it require
manual configuration by an administrator.
Router-Advertisement messages enable hosts to discover the existence of neighboring routers,
but not which router is best to reach a particular destination. If a host uses a poor first-hop router
to reach a particular destination, it receives a Redirect message identifying a better choice.


Transmission Control Protocol (TCP)
The TCP provides reliable transmission of data in an IP environment. TCP corresponds to the
transport layer (Layer 4) of the OSI reference model. Among the services TCP provides are
stream data transfer, reliability, efficient flow control, full-duplex operation, and multiplexing.
With stream data transfer, TCP delivers an unstructured stream of bytes identified by sequence
numbers. This service benefits applications because they do not have to chop data into blocks
before handing it off to TCP. Instead, TCP groups bytes into segments and passes them to IP for
delivery.
TCP offers reliability by providing connection-oriented, end-to-end reliable packet delivery through
an internetwork. It does this by sequencing bytes with a forwarding acknowledgment number that
indicates to the destination the next byte the source expects to receive. Bytes not acknowledged
within a specified time period are retransmitted. The reliability mechanism of TCP allows devices
to deal with lost, delayed, duplicate, or misread packets. A time-out mechanism allows devices to
detect lost packets and request retransmission.
TCP offers efficient flow control, which means that, when sending acknowledgments back to the
source, the receiving TCP process indicates the highest sequence number it can receive without
overflowing its internal buffers.
Full-duplex operation means that TCP processes can both send and receive at the same time.
Finally, TCP's multiplexing means that numerous simultaneous upper-layer conversations can be
multiplexed over a single connection.











TCP Connection Establishment
To use reliable transport services, TCP hosts must establish a connection-oriented session with
one another. Connection establishment is performed by using a "three-way handshake"
mechanism.
A three-way handshake synchronizes both ends of a connection by allowing both sides to agree
upon initial sequence numbers. This mechanism also guarantees that both sides are ready to
transmit data and know that the other side is ready to transmit as well. This is necessary so that
packets are not transmitted or retransmitted during session establishment or after session
termination.
Each host randomly chooses a sequence number used to track bytes within the stream it is
sending and receiving. Then, the three-way handshake proceeds in the following manner:
The first host (Host A) initiates a connection by sending a packet with the initial sequence number
(X) and SYN bit set to indicate a connection request. The second host (Host B) receives the SYN,
records the sequence number X, and replies by acknowledging the SYN (with an ACK = X + 1).
Host B includes its own initial sequence number (SEQ = Y). An ACK = 20 means the host has
received bytes 0 through 19 and expects byte 20 next. This technique is called forward
acknowledgment. Host A then acknowledges all bytes Host B sent with a forward
acknowledgment indicating the next byte Host A expects to receive (ACK = Y + 1). Data transfer
then can begin.


TCP Sliding Window
A TCP sliding window provides more efficient use of network bandwidth than PAR because it
enables hosts to send multiple bytes or packets before waiting for an acknowledgment.
In TCP, the receiver specifies the current window size in every packet. Because TCP provides a
byte-stream connection, window sizes are expressed in bytes. This means that a window is the
number of data bytes that the sender is allowed to send before waiting for an acknowledgment.
Initial window sizes are indicated at connection setup, but might vary throughout the data transfer
to provide flow control. A window size of zero, for instance, means "Send no data."
In a TCP sliding-window operation, for example, the sender might have a sequence of bytes to
send (numbered 1 to 10) to a receiver who has a window size of five. The sender then would
place a window around the first five bytes and transmit them together. It would then wait for an
acknowledgment.
The receiver would respond with an ACK = 6, indicating that it has received bytes 1 to 5 and is
expecting byte 6 next. In the same packet, the receiver would indicate that its window size is 5.
The sender then would move the sliding window five bytes to the right and transmit bytes 6 to 10.
The receiver would respond with an ACK = 11, indicating that it is expecting sequenced byte 11
next. In this packet, the receiver might indicate that its window size is 0 (because, for example, its
internal buffers are full). At this point, the sender cannot send any more bytes until the receiver
sends another packet with a window size greater than 0.




TCP Packet Format
Figure 30-10 illustrates the fields and overall format of a TCP packet.
Figure 30-10 Twelve fields comprise a TCP packet.


TCP Packet Field Descriptions
The following descriptions summarize the TCP packet fields illustrated in Figure 30-10:
Source Port and Destination Port: Identifies points at which upper-layer source and
destination processes receive TCP services.
Sequence Number: Usually specifies the number assigned to the first byte of data in the
current message. In the connection-establishment phase, this field also can be used to
identify an initial sequence number to be used in an upcoming transmission.
Acknowledgment Number: Contains the sequence number of the next byte of data the
sender of the packet expects to receive.
Data Offset: Indicates the number of 32-bit words in the TCP header.
Reserved: Remains reserved for future use.
Flags: Carries a variety of control information, including the SYN and ACK bits used for
connection establishment, and the FIN bit used for connection termination.
Window: Specifies the size of the sender's receive window (that is, the buffer space
available for incoming data).
Checksum: Indicates whether the header was damaged in transit.
Urgent Pointer: Points to the first urgent data byte in the packet.
Options: Specifies various TCP options.
Data: Contains upper-layer information.
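The fields described above, and the SEQ/ACK arithmetic from the three-way handshake section, as an added example that is not part of the original text: a Python parser for the TCP header in the layout listed here (6 reserved bits, 6 flag bits), run on two constructed segments. The function names, port numbers and sequence numbers are assumptions chosen for illustration, and the sample checksums are left at zero.

```python
import struct

# Flag bits in the low 6 bits of the 16-bit offset/reserved/flags word.
FLAG_NAMES = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
              (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


def parse_tcp_header(segment: bytes) -> dict:
    """Split a raw TCP segment into the twelve fields described above."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the minimum 20-byte TCP header")
    (src, dst, seq, ack, off_flags, window, checksum, urgent) = struct.unpack(
        "!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12            # header length in 32-bit words
    header_len = data_offset * 4
    # A data offset below 5, or one pointing past the end of the segment,
    # marks a malformed header; refuse it instead of slicing garbage.
    if data_offset < 5 or header_len > len(segment):
        raise ValueError(f"invalid data offset {data_offset}")
    flags = off_flags & 0x3F
    return {
        "source_port": src,
        "destination_port": dst,
        "sequence_number": seq,
        "acknowledgment_number": ack,
        "data_offset": data_offset,
        "reserved": (off_flags >> 6) & 0x3F,
        "flags": [name for bit, name in FLAG_NAMES if flags & bit],
        "window": window,
        "checksum": checksum,
        "urgent_pointer": urgent,
        "options": segment[20:header_len],
        "data": segment[header_len:],
    }


def synack_matches(syn: bytes, synack: bytes) -> bool:
    """Check step two of the handshake: ports mirrored and ACK = X + 1."""
    a, b = parse_tcp_header(syn), parse_tcp_header(synack)
    return (a["flags"] == ["SYN"]
            and set(b["flags"]) == {"SYN", "ACK"}
            and b["acknowledgment_number"] == (a["sequence_number"] + 1) % 2**32
            and (b["source_port"], b["destination_port"])
            == (a["destination_port"], a["source_port"]))


# Constructed sample: Host A sends SYN with SEQ X = 1000 and one 4-byte
# option (kind 2, maximum segment size 1460), so the data offset is 6 words.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                         (6 << 12) | 0x02, 65535, 0, 0) + bytes([2, 4, 0x05, 0xB4])

# Constructed sample: Host B answers with SEQ Y = 5000 and ACK = X + 1 = 1001.
SAMPLE_SYNACK = struct.pack("!HHIIHHHH", 80, 49152, 5000, 1001,
                            (5 << 12) | 0x12, 8192, 0, 0)

if __name__ == "__main__":
    for name, raw in (("SYN", SAMPLE_SYN), ("SYN-ACK", SAMPLE_SYNACK)):
        print(name, parse_tcp_header(raw))
    print("handshake step 2 consistent:", synack_matches(SAMPLE_SYN, SAMPLE_SYNACK))
```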


User Datagram Protocol (UDP)
The User Datagram Protocol (UDP) is a connectionless transport-layer protocol (Layer 4) that
belongs to the Internet protocol family. UDP is basically an interface between IP and upper-layer
processes. UDP protocol ports distinguish multiple applications running on a single device from
one another.
Unlike the TCP, UDP adds no reliability, flow-control, or error-recovery functions to IP. Because
of UDP's simplicity, UDP headers contain fewer bytes and consume less network overhead than
TCP.
UDP is useful in situations where the reliability mechanisms of TCP are not necessary, such as in
cases where a higher-layer protocol might provide error and flow control.
UDP is the transport protocol for several well-known application-layer protocols, including
Network File System (NFS), Simple Network Management Protocol (SNMP), Domain Name
System (DNS), and Trivial File Transfer Protocol (TFTP).
The UDP packet format contains four fields, as shown in Figure 30-11. These include source and destination
ports, length, and checksum fields.
Figure 30-11 A UDP packet consists of four fields.

Source and destination ports contain the 16-bit UDP protocol port numbers used to demultiplex
datagrams for receiving application-layer processes. A length field specifies the length of the
UDP header and data. Checksum provides an (optional) integrity check on the UDP header and
data.
Internet Protocols Application-Layer Protocols
The Internet protocol suite includes many application-layer protocols that represent a wide variety
of applications, including the following:
File Transfer Protocol (FTP): Moves files between devices
Simple Network-Management Protocol (SNMP): Primarily reports anomalous network
conditions and sets network threshold values
Telnet: Serves as a terminal emulation protocol
X Windows: Serves as a distributed windowing and graphics system used for
communication between X terminals and UNIX workstations
Network File System (NFS), External Data Representation (XDR), and Remote Procedure
Call (RPC): Work together to enable transparent access to remote network resources
Simple Mail Transfer Protocol (SMTP): Provides electronic mail services
Domain Name System (DNS): Translates the names of network nodes into network
addresses




Table 30-5 lists these higher-layer protocols and the applications that they support.
Table 30-5 Higher-Layer Protocols and Their Applications
Application Protocols
File transfer FTP
Terminal emulation Telnet
Electronic mail SMTP
Network management SNMP
Distributed file services NFS, XDR, RPC, X Windows

Internet Protocol IP
IP Addressing
First Octet Range - XXXX.xxxx.xxxx.xxxx
XXXX = Class of the IP address
IP Address is equal to 32 bytes broken down into 4 OCTETS of 8 bytes (4*8=32)
8 bytes. 8bytes. 8bytes. 8bytes
Ex: 130.23120.35
The IP address is broken down into 2/3 parts NETWORK, SUBNETWORK, and HOSTs
Network part can be one of three types:
CLASS A- Network with a range of 1.0.0.0 to 126.0.0.0
CLASS B- Network with a range of 128.0.0.0 to 191.254.0.0
CLASS C- Network with a range of 192.0.1.0 to 223.255.254.0

When subnetting a network, a third part of an IP address appears in the middle of the address,
namely the SUBNET part of the address. This field is created by stealing or borrowing bits
from the host part of the address. The size of the network part of the address never shrinks. In
other words, Class A, B and C rules still apply when defining the size of the network part of the
address. The host part of the address shrinks to make room for the subnet part of the address.


The x^x - 2 represents the two reserved IP addresses that cannot be used as an IP address: the
Broadcast subnet and the Zero subnet address. Both for the HOST address and the Subnetwork.
One reserved subnet, the subnet that has all binary 0s
Class A network ex: 45.125.0(binary -0000000).25
In the subnet field, is called ZERO-SUBNET.
The subnet with all binary 1s is the subnet field called the
Broadcast Subnet and it is also reserved.

The Mask is a 32 bit binary number usually written in dotted-decimal format. The purpose of
the mask is to define the structure of an IP address.
Class A network ex: 45.125.256 (binary 1111111).25
IP address = 32 bits or 8 bytes

Four OCTETS make up the address with each OCTET =
8bytes or 32 bits
IP address: 1111111.00000000.00000000.11111111
Or : 255.0.0.255
Based on the size of the NETWORK you will know how many host bits you have to work with.
Broadcast address 255.255.255.256
Reserved IP address networks are
0.0.0.0 Used as a broadcast address
127.0.0.0 - Loop back address
128.0.0.0
191.255.0.0
192.0.0.0
223.255.255.0


Are all reserved and cannot be used in the public network.
CLASS A Network with a range of
IP Range 1.0.0.0 to 126.0.0.0
Number of Networks of this Class 2^7 - 2
Number of Hosts per Network 2^24 - 2
Size of the Network Part of the address (bytes) 1 byte or 8 bits
Size of the Host Part of Address (bytes) 3 bytes or 24 bits
Default Mask for A Class network 255.0.0.0

CLASS B Network with a range of
IP Range 128.0.0.0 to 191.254.0.0
Number of Networks of this Class 2^14 - 2
Number of Hosts per Network 2^16 - 2
Size of the Network Part of the address (bytes) 2 bytes or 16 bits
Size of the Host Part of Address (bytes) 2 bytes or 16 bits
Default Mask for A Class network 255.255.0.0

CLASS C Network with a range of
IP Range 192.0.1.0 to 223.255.254.0
Number of Networks of this Class 2^21 - 2
Number of Hosts per Network 2^8 - 2
Size of the Network Part of the address (bytes) 3 bytes or 8 bits
Size of the Host Part of Address (bytes) 1 byte or 24 bits
Default Mask for A Class network 255.255.255.0
Broadcast address 255.255.255.256


Converting IP Address from Decimal to Binary and back again
Binary (0 or 1) = 11111111
Conversion Table 128 64 32 16 8 4 2 1
Binary Format = 1 1 1 1 1 1 1 1
Decimal format = 256
Every OCTET must be compared to the table to produce a decimal value.

The Boolean AND operation
A Boolean AND is a math operation performed to a pair of one-digit binary numbers. The result
is another one-digit binary number.
0 AND 0 Yields a 0
0 AND 1 Yields a 0
1 AND 0 Yields a 0
1 AND 1 Yields a 1

To discover the Subnet Number in which a particular IP address resides, you perform a
BITWISE AND between the IP address and the SUBNET MASK.
Decimal Value Binary Value

Address 150.150.2.1 1001 0110 1001 0110 0000 0010 0000 0001
Mask 255.255.255.0 1111 1111 1111 1111 1111 1111 0000 0000
Result 150.150.2.0 1001 0110 1001 0110 0000 0010 0000 0000

The Result is the SUBNET NUMBER




Decimal to Binary Calculation
Bit Position 8 7 6 5 4 3 2 1
Bit Value 128 64 32 16 8 4 2 1

Counting in Mask Possible values
128 +64 +32 +16 +8 +4 +2 +1
|| = = = = = = =
Possible values 128 192 224 240 248 252 254 255
Calculation of Subnets values
256 256 256 256 256 256 256 256
- 128 -192 -224 -240 -248 -252 -254 -255
128 64 32 16 8 4 2 1
256 128 64 32 16 8 4 2
192 96 48 24 12 6 3
256 128 64 32 16 8 4
160 80 40 20 10 5
192 96 48 24 12 6
224 112 56 28 14 7
256 128 64 32 16 8
144 72 36 18 9
160 80 40 20 10
|| || || || ||

Last Possible Values 256 256 256 256 256




Prefix Notation
To understand prefix notation it is important to know that all subnet masks have some
number of consecutive binary 1s, followed by binary 0s. In other words, a subnet mask cannot
have 1s and 0s interspersed throughout the mask; the mask always has some number of binary 1s
followed by binary 0s. Prefix notation simply denotes the number of binary 1s in a mask,
preceded by a /. In other words, for subnet mask
255.255.255.0 = 11111111.11111111.11111111.00000000
= /24 in Prefix notation.
24 represents the 24 consecutive 1s in the mask address. (8*3 = 24)
255.255.0.0 = /16
255.0.0.0 =/8
IP address
Class  Networks  Number of Networks  Number of Hosts  Subnet Mask    Host bits
A      1-126     2^7 - 2             2^24 - 2         255.0.0.0      24 (2^24)
B      128-191   2^14 - 2            2^14 - 2         255.255.0.0    16
C      192-223   2^24 - 2            2^8 - 2          255.255.255.0  8
D      224-239   Multicasting
E      240-254   Test network
Computer uses the mask to define the size of the network.

Counting in binary
2^ =1,2, 4, 8, 16, 32, 64, 128, 256, 512, 1024, 2048, 4056
2^4 = 16
2^8 = 256
*maximum value for a mask is 255. 256 is the broadcast value.


Reserved Address
0000.0000.0000.0000 - reserved
0.0.0.0 Broadcast Address (Zero Subnet)
1.1.1.1 Broadcast subnet
127.0.0.0 Loop back Address
128.0.0.0 Reserved
191.255.0.0 Reserved
192.0.0.0 Reserved
223.255.255.255 Reserved
Private Address
10.0.0.0 - 10.255.255.255 8
172.16.0.0 - 172.31.255.255 12
192.168.0.0 - 192.168.255.255 16

Mask is a 32 bit binary number
255.255.255.0
8bits.8bits.8bits.8bits = 32 bits
Mask Breakdown
Place Value for Binary 128, 64, 32,16,8,4,2,1
8bits 16bits 24bits 32bits
255. 255. 255. 255






Decimal to Binary conversion Calculation with Mask Values
Decimal Binary Bits
0 0000 0000 0
128 1000 0000 1 = 256-128 = 128 hosts per subnet
192 1100 0000 2 = 256-192 = 64 Hosts per subnet
224 1110 0000 3 = 256-224 = 32 Hosts per subnet
240 1111 0000 4 = 256-240 = 16 Hosts per subnet
248 1111 1000 5 = 256-248 = 8 Hosts per subnet
252 1111 1100 6 = 256-252 = 4 Hosts per subnet
254 1111 1110 7 = 256-254 = 2 Hosts per subnet
255 1111 1111 8 = 256-255 = 1 Hosts per subnet

HOW MANY HOSTS and HOW MANY SUBNETS
The following facts tell you how to find the sizes of the network, subnet, and host parts of an IP
address:
The network part of the address always is defined by class rules.

The host part of the address always is defined by the mask: binary 0s in the mask mean
that the corresponding address bits are part of the host field.

The subnet part of the address is what's left over in the 32-bit address.








To find the amount of HOSTs and SUBNETs BITS
1) Get the IP address 8.1.4.5 (Class A network)
2) Get the MASK 255.255.0.0 = 11111111.11111111.00000000.00000000 (16 bits)
3) Number of Network BITS = Class A network has 8 bits Defined by Network Class
4) Number of Host Bits = Class A networks has 16 HOST BITS
5) Number of SUBNETS = 8

32 - (network size bits 8 + Host size bits 16) =

32 - (8 + 16) = 32 - 24 = 8 bits

Number of network bits 8
Number of host bits 16
Number of subnet bits 8

INTERESTING MASK is a (Non 255 default value for mask)
IP Address: 130.4.102.1
MASK: 255.255.252.0
CLASS B Network with a range of
The number of host bits implied by a mask becomes more apparent after converting the mask to
binary. In the first mask 255.255.252.0 there are ten binary 0s
Decimal 255.255.252.0
Convert to binary
Binary 11111111.11111111.11111100.00000000
(252)
Implying a 10 bit host field.
Because that mask is used with a Class B address (130.4.102.1), implying 16 network bits,
there are 6 remaining subnet bits.


The class rules define the network part

The mask binary 0s define the host part

What's left over defines the size of the subnet part

Binary 11111111.11111111.11111100.00000000
16 bits network -6 remaining subnet bits- 10 bit host field

Chart to know 1
Decimal and Binary Values in a Single Octet of a Valid Subnet Mask
Decimal Value Binary Value
0 0000 0000
128 1000 0000
192 1100 0000
224 1110 0000
240 1111 0000
248 1111 1000
252 1111 1100
254 1111 1110
255 1111 1111



To find the subnet an IP address is a part of:


1) Get the ip address

IP Address: 130. 4.102.1
and Subnet Mask 255.255.252.0

2) Find the interesting mask 255.255.252.0 ( any number not 255)

3) Subtract the interesting (252) octet from 256

256- 252 = 4 (which is the Magic number)
4) Divide the address octet that corresponds to the interesting mask octet by the magic number:
102 / 4 = 25
Then take the result and multiply it by the magic number
25 * 4 = 100 This gives you the subnet that the IP address is in.
5) To find the subnet value just put a zero at the end of the new address
130.4.100.0 (Subnet number)
Add one to the Subnet number and that will give you the First Valid IP address:
130.4.100.1 (First Valid IP address in the subnet)
Broadcast address is calculated by Subtracting 1 away from the next valid IP
address:
130.4.100.0
+4 (Amount of subnets in that network)
130.4.104.0 (Is the next subnet)
-1
130.4.103.255 (Broadcast address for the 130.4.100.0 Network)
Network bits are all 1s 1111 1111.1111 1111.1111 1111.0
Host bits are all 0s 11111111.00000000.00000000.00000000
255 is the last valid address in any type of network 256 is not used.




GIVEN THE IP ADDRESS AND MASK, HOW MANY SUBNETS ARE THERE?
And how many hosts are there in a single subnet?
Calculations:
Number of SUBNETS = 2^number of subnet bits - 2
(Based on whether or not it is ClassFull or ClassLess)
Number of Host = 2^number of host bits - 2
STEP 1 Identify the structure of the IP address
IP Address 8.1.4.5 /16
STEP 2 Identify the size of the network part of the address, based on Class A, B and C rules
This is a Class A network = 8 bits
STEP 3 Identify the size of the host part of the address, based on the number of binary 0s in
the mask. If the mask is tricky, use the chart of typical mask values to convert the mask
to binary more quickly.
255.255.0.0 Or /16 = 1111 1111.1111 1111.0000 0000.0000 0000
Host is equal to 16 bits (16 0s)
STEP 4 The size of the subnet part is what's left over; mathematically, it is 32 - (Number of
network bits + Host Bits)
32 - (8 + 16) = 8
Size of the Subnet Part is = 8 bits
STEP 5 Declare the number of subnets, which is 2^(number of subnet bits) - 2
= 2^8 - 2 = 254
STEP 6 Declare the number of hosts per subnet, which is 2^(number of host bits) - 2
= 2^16 - 2 = 65,534





GIVEN THE IP ADDRESS AND MASK, HOW MANY SUBNETS ARE THERE?
And how many hosts are there in a single subnet?
1) IP Address: 130.4.102.1 / 22
/22 = 1111 1111.1111 1111.1111 1100.0000 0000 or 255.255.252.0
2) Class B Network
3) Network Bits 16
Host 10
4) 32 - (16 + 10) = 6 bits for SUBNET
5) 2^6 - 2 = 62 Number of SUBNETS
6) 2^10 - 2 = 1022 HOSTs
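The six steps above, together with the prefix-notation rule that a mask is consecutive 1s followed by 0s, as an added Python example (not part of the original notes). The function names and the `classful` switch are assumptions made for illustration; with `classful=True` the zero subnet and the broadcast subnet are subtracted as the notes do.

```python
def dotted_to_int(text):
    """Convert dotted decimal such as '255.255.252.0' to a 32-bit integer."""
    parts = [int(p) for p in text.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal value: {text!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def mask_to_prefix(mask):
    """Accept '/22' or '255.255.252.0' and return the number of binary 1s.

    A dotted mask with 1s and 0s interspersed (for example 255.0.255.0)
    is rejected, because prefix notation cannot describe it.
    """
    if mask.startswith("/"):
        prefix = int(mask[1:])
        if not 0 <= prefix <= 32:
            raise ValueError(f"prefix out of range: {mask}")
        return prefix
    value = dotted_to_int(mask)
    prefix = bin(value).count("1")
    if value != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"mask {mask} is not consecutive 1s followed by 0s")
    return prefix


def classful_network_bits(ip):
    """STEP 2: the class rules fix the size of the network part."""
    first_octet = dotted_to_int(ip) >> 24
    if 1 <= first_octet <= 126:
        return "A", 8
    if 128 <= first_octet <= 191:
        return "B", 16
    if 192 <= first_octet <= 223:
        return "C", 24
    raise ValueError(f"{ip} is not a Class A, B or C address")


def address_structure(ip, mask, classful=True):
    """Return the network/subnet/host split and the resulting counts."""
    cls, network_bits = classful_network_bits(ip)
    prefix = mask_to_prefix(mask)
    if prefix < network_bits:
        raise ValueError("mask is shorter than the default mask for this class")
    host_bits = 32 - prefix                          # STEP 3: 0s in the mask
    subnet_bits = 32 - (network_bits + host_bits)    # STEP 4: what is left over
    reserved = 2 if classful else 0
    # With the default mask there are no subnet bits, so nothing is subnetted.
    subnets = max(2 ** subnet_bits - reserved, 0) if subnet_bits else 0
    return {
        "class": cls,
        "network_bits": network_bits,
        "subnet_bits": subnet_bits,
        "host_bits": host_bits,
        "subnets": subnets,                                # STEP 5
        "hosts_per_subnet": max(2 ** host_bits - 2, 0),    # STEP 6
    }


if __name__ == "__main__":
    for ip, mask in (("8.1.4.5", "/16"), ("130.4.102.1", "255.255.252.0")):
        print(ip, mask, address_structure(ip, mask))
```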

Finding the SUBNET BROADCAST ADDRESS
The SUBNET BROADCAST address, sometimes called the DIRECTED BROADCAST ADDRESS, can
be used to send a packet to every device in a single subnet. However, few tools and protocols
use the subnet address anymore. However, by calculating the subnet broadcast address, you
easily can calculate the largest valid IP address in the subnet, which is an important part of
answering subnetting questions.
There is a binary math operation to calculate the subnet broadcast address. However, there is a
much easier process, especially if you already have the subnet number in binary:
Change all the HOST bit values in the subnet number to binary 1s.
Decimal Binary
IP Address 199.1.1.100 = 1100 0111.0000 0001.0000 0001.0110 0100
Mask 255.255.255.0 = 1111 1111.1111 1111.1111 1111.0000 0000
Subnet
AND Result 199.1.1.0 = 1100 0111.0000 0001.0000 0001.0000 0000
Broadcast 199.1.1.255 = 1100 0111.0000 0001.0000 0001.1111 1111




FINDING THE RANGE OF VALID IP ADDRESS IN A SUBNET
The SUBNET number is the numerically smallest number in the subnet, and the broadcast
address is the numerically largest number. So, the range of valid IP addresses starts with one
more than the SUBNET number and ends with the address that is one less than the broadcast
address.
Decimal Binary
IP Address 199.1.1.100 = 1100 0111.0000 0001.0000 0001.0110 0100
Mask 255.255.255.0 = 1111 1111.1111 1111.1111 1111.0000 0000
Subnet
AND Result 199.1.1.0 = 1100 0111.0000 0001.0000 0001.0000 0000
First address 199.1.1.1 = ( + 1 to the subnet address)
Broadcast 199.1.1.255 = 1100 0111.0000 0001.0000 0001.1111 1111
LAST
Address 199.1.1.254 (-1 from the Broadcast address)
Easier Math with Easy Masks
Of all the possible subnet masks, three masks,
255.0.0.0
255.255.0.0
255.255.255.0
are called easy masks because you can find the subnet number and broadcast address
easily, without any real math tricks.
In fact, of these three masks, 255.0.0.0 does not actually cause any subnetting. So, this
section worries about only how to use the two easy masks that can be used for
subnetting. For 255.255.0.0 or 255.255.255.0, do the following:
Step 1 Copy the first two (mask 255.255.0.0) or the first three (mask 255.255.255.0) octets from
the original IP address.
Step 2 Write down 0s in the last two octets (mask 255.255.0.0) or the last octet (mask
255.255.255.0).


Finding the subnet broadcast address is just as easy:
Do the same thing that you did for finding the SUBNET, but instead of writing down 0s
in the last octet or two, write down 255s.
When you know the subnet number and the broadcast address, you easily can find the first and
the last IP addresses in the subnet, using the same simple logic covered earlier:
To find the first valid IP address in the subnet, copy the subnet numbers, but add 1 to
the fourth octet.

To find the last valid IP address in the subnet, copy the broadcast address, but
subtract 1 from the fourth octet.

Easier Math with Difficult Masks
When the subnet mask is not 255.255.0.0 or 255.255, it is considered a difficult mask.
The following process helps you find the SUBNET number and BROADCAST address without
binary math when using a difficult mask.
The unusual part of this shortcut begins when you draw a box around the interesting octet in
the table. The interesting octet is a mask octet that is not 255 or 0; it is called the
interesting octet because it is the one which gives the most problems.
First you put in the IP address and the mask. Next you should complete the chart for everything
to the left of the box. To complete the chart, look at the original IP address octets to the left of
the box, and copy those into the subnet, first valid address, broadcast, and last valid address
fields. Note that only octets fully to the left of the box should be copied; the interesting octet,
which is inside the box, should not be copied.
SUBNET CHART
OCTET 1 2 3 4
Address 130 4 102 1
Mask 255 255 252 0
Subnet Number 130 4
First address 130 4
Broadcast Address 130 4
Last Address 130 4



To find the subnet number the first step is easy. In the SUBNET number, for any octets fully to
the right of the box, write down a 0. That should leave you with one octet of the subnet
number missing- the interesting octet
Next comes the tricky part of this shortcut, which gives you the value of the SUBNET NUMBER
in the interesting octet.
First, you find the MAGIC NUMBER which is =
256 - (The mask INTERESTING OCTET)
Or for this question
256 - 252 = 4 (MAGIC NUMBER)
Then you find the multiple of the magic number that is the closest to the address interesting
octet, and this multiple is less than or equal to 102.
4 * 25 = 100 < 102 or 102 / 4 = 25.5 rounding gives you 25 * 4 = 100
So the Subnet number is equal to 100
Steps for finding the SUBNET Networks
Step 1 Find the magic number, which is 256 - the value of the mask's interesting
octet.

Step 2 Find the multiple of the magic number that is closest to, but not greater than the
address's interesting octet.

Step 3 Write down the multiple of the magic number as the value of the subnet
number's interesting octet.



SUBNET CHART
OCTET 1 2 3 4
Address 130 4 102 1
Mask 255 255 252 0
Subnet Number 130 4 100 0 Magic # = 256 - 252 = 4 (4 * 25 = 100 < 102)
First address 130 4 100 1 ADD 1 TO THE FOURTH OCTET OF THE SUBNET
Broadcast Address 130 4 103 255 Subnet-interesting-octet + magic - 1 (100 + 4 - 1)
Last Address 130 4 103 254 SUBTRACT 1 FROM THE FOURTH OCTET

The magic number is 256 minus the mask's interesting octet. In this case, you
have 256 - 252, or a magic number of 4. Then you add the magic number to the interesting octet
value of the subnet number and subtract 1. The result is the broadcast address's value in the
interesting octet.

100 + 4 (magic number) - 1 = 103 (gives you the BROADCAST ADDRESS)


When you know the broadcast address, you can easily find the last valid IP address in the
subnet:

To find the last valid IP address in the subnet, copy the broadcast
address, but subtract 1 from the fourth octet.

To find the broadcast address's interesting octet value, take the
subnet number's interesting octet value, add the magic number,
and subtract 1.






Step 1 Create and complete the easy parts of the subnet chart.
   Create a generic subnet chart.
   Write down the IP address and subnet mask in the first two rows of the chart.
   Draw a box around the column of the interesting octet.
   Copy the address octets to the left of the line or the box into the final four rows of
   the chart.

Step 2 Derive the subnet number and the first valid IP address.
   Write down 0s in the subnet number for the octets to the right of the box.
   Find the magic number, which is 256 minus the value of the mask's interesting octet.

   Find the multiple of the magic number that is closest to, but not greater than, the
   address's interesting octet.

   Write down that multiple of the magic number as the value for the subnet number's
   interesting octet.

   To find the first valid IP address in the subnet, copy the subnet number, but add 1 to the
   fourth octet.

Step 3 Derive the broadcast address and the last valid IP address.
   Write down 255 in the broadcast address octets to the right of the line or the box.

   To find the broadcast address's interesting octet value, take the subnet number's
   interesting octet value, add the magic number, and subtract 1.

   To find the last valid IP address in the subnet, copy the broadcast address, but subtract 1
   from the fourth octet.
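The three steps above, carried out in code. This is an added example, not part of the original notes; the function names are hypothetical, the second sample address is constructed, and the result is cross-checked against Python's standard ipaddress module.

```python
import ipaddress


def dotted(octets):
    return ".".join(str(o) for o in octets)


def subnet_chart(address, mask):
    """Fill in the subnet chart using the magic-number shortcut."""
    addr = [int(o) for o in address.split(".")]
    msk = [int(o) for o in mask.split(".")]
    if len(addr) != 4 or len(msk) != 4:
        raise ValueError("address and mask must each have four octets")

    # Step 1: the interesting octet is the one mask octet that is not 255 or 0.
    interesting = [i for i, m in enumerate(msk) if m not in (0, 255)]
    if len(interesting) != 1:
        raise ValueError("the shortcut needs exactly one interesting octet")
    box = interesting[0]
    if msk[:box] != [255] * box or msk[box] not in (128, 192, 224, 240, 248, 252, 254):
        raise ValueError("mask bits must be contiguous 1s followed by 0s")
    if box == 3 and msk[box] == 254:
        raise ValueError("one host bit leaves no valid host addresses")

    # Step 2: magic number, then the closest multiple not greater than the
    # address's interesting octet. Octets right of the box become 0.
    magic = 256 - msk[box]
    multiple = (addr[box] // magic) * magic
    subnet = addr[:box] + [multiple] + [0] * (3 - box)
    first = subnet[:3] + [subnet[3] + 1]

    # Step 3: broadcast = subnet interesting octet + magic - 1, with 255 in
    # the octets right of the box; last address = broadcast minus 1.
    broadcast = addr[:box] + [multiple + magic - 1] + [255] * (3 - box)
    last = broadcast[:3] + [broadcast[3] - 1]

    return {
        "magic": magic,
        "subnet": dotted(subnet),
        "first": dotted(first),
        "broadcast": dotted(broadcast),
        "last": dotted(last),
    }


def matches_ipaddress(address, mask):
    """Cross-check the shortcut against the binary calculation in ipaddress."""
    net = ipaddress.ip_network(f"{address}/{mask}", strict=False)
    chart = subnet_chart(address, mask)
    return (
        chart["subnet"] == str(net.network_address)
        and chart["first"] == str(net.network_address + 1)
        and chart["broadcast"] == str(net.broadcast_address)
        and chart["last"] == str(net.broadcast_address - 1)
    )


if __name__ == "__main__":
    # The address and mask used in the chart above.
    print(subnet_chart("130.4.102.1", "255.255.252.0"))
    # Constructed second case with the interesting octet in the fourth position.
    print(subnet_chart("199.1.1.100", "255.255.255.224"))
```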






What Subnet Masks Meet the Stated Design Requirements?
You are using a Class B network x, and you need to have 200 subnets, with at most
200 hosts per subnet. Which of the following subnet masks can be used?
To find the correct answer to these types of questions, you first need to decide how many subnet
bits and host bits you need to meet the requirements. Basically, the number of hosts per subnet
is 2^x - 2, where x is the number of host bits in the address. Likewise, the number of subnets of a
network, assuming that the same subnet mask is used all over the network, is 2^x - 2, where x is
the number of subnet bits. When you know how many subnet bits and host bits
are required, you can figure out what mask, or masks, meet the stated design goals in the
question.
Example: Your network can use Class B network 130.1.0.0. What subnet masks meet the
requirement that you plan to allow at most 200 subnets, with at most 200 hosts per subnet?
First you need to figure out how many subnet bits allow for 200 subnets. You simply can use
the formula 2^x - 2 and plug in values for x until one of the numbers is at least 200. In this
case, x turns out to be 8; in other words, you need at least 8 subnet bits to allow for 200
subnets.
















Number of bits in the        Maximum number of hosts
host or subnet field (x)     or subnets (2^x - 2)       Check
x = 1                        0                          (2^1 - 2 = 0)
x = 2                        2                          (2^2 - 2 = 2)
x = 3                        6                          (2^3 - 2 = 6)
x = 4                        14                         (2^4 - 2 = 14)
x = 5                        30                         (2^5 - 2 = 30)
x = 6                        62                         (2^6 - 2 = 62)
x = 7                        126                        (2^7 - 2 = 126)
x = 8  *******               254                        (2^8 - 2 = 254)
x = 9                        510                        (2^9 - 2 = 510)
x = 10                       1,022                      (2^10 - 2 = 1,022)
x = 11                       2,046                      (2^11 - 2 = 2,046)
x = 12                       4,094                      (2^12 - 2 = 4,094)
x = 13                       8,190                      (2^13 - 2 = 8,190)
x = 14                       16,382                     (2^14 - 2 = 16,382)
NOTE: For subnets, the choice between 2^x - 2 and 2^x only determines whether or not the
zero subnet is used. That is defined by whether the routing protocol in use is classless or
classful, which tells you whether or not you can use that subnet. The host calculation
never changes: 2^x - 2.





7 subnet bits are not enough, because that allows for only 126 subnets. You need 8 subnet
bits, and similarly, because you need up to 200 hosts per subnet, you need 8 host bits.
2^8 - 2 = 254 (with 8 subnet bits gives you 254 hosts)
2^7 - 2 = 126 (with 7 subnet bits gives you 126 hosts)
Finally, you need to decide what mask(s) to use, knowing that you have a Class B
network and that you must have at least 8 subnet bits and 8 host bits. Using the letter N to
represent network bits, the letter S to represent subnet bits, and the letter H to
represent host bits, the following text shows the size of the various fields.
NNNN NNNN.NNNN NNNN.SSSS SSSS.HHHH HHHH
All that is left is to derive the actual subnet mask. Because you need 8 bits for the subnet field
and 8 for the host field, and the network field takes up 16 bits, you have already allocated all
32 bits of the address structure. So, only one possible subnet mask works. To figure out the
mask, you need to write down the 32-bit subnet mask, applying the following facts about subnet
masks:
Subnet bits in a subnet mask are, by definition, all binary 1s.
Similarly,
The host bits in a subnet mask are, by definition, all binary 0s.
So, the only valid subnet mask, in binary, is this:
1111 1111.1111 1111.1111 1111.0000 0000
When converted to decimal, this is 255.255.255.0
Your network can use Class B network 130.1.0.0. What subnet masks meet the
requirement that you plan to allow at most 50 subnets, with at most 200 hosts per subnet?
For this design, you still need at least 8 host bits, but now you need only at least 6 subnet bits.
Six subnet bits would allow for 2^6 - 2 = 62 subnets (the closest value that covers 50 subnets). Following the
same convention as before, but now using an X for bits that can be either subnet or host bits, the
format of the address structure would be as follows:
NNNN NNNN.NNNN NNNN.SSSS SSXX.HHHH HHHH




In other words, the address will have 16 network bits, at least 6 subnet bits, and at least 8 host
bits. This example actually allows for three valid subnet masks, whose structure is as follows:
8 SUBNET, 8 HOST BITS
NNNN NNNN.NNNN NNNN.SSSS SSSS.HHHH HHHH
1111 1111.1111 1111.1111 1111.0000 0000
DECIMAL = 255.255.255.0
7 SUBNET, 9 HOST BITS
NNNN NNNN.NNNN NNNN.SSSS SSSH.HHHH HHHH
1111 1111.1111 1111.1111 1110.0000 0000
DECIMAL = 255.255.254.0
6 SUBNET, 10 HOST BITS
NNNN NNNN.NNNN NNNN.SSSS SSHH.HHHH HHHH
1111 1111.1111 1111.1111 1100.0000 0000
DECIMAL = 255.255.252.0
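The mask search worked through above for both design questions, as an added example that is not part of the original notes. The function names are hypothetical, and the code follows the notes in using 2^x - 2 for both the subnet and the host count.

```python
CLASS_NETWORK_BITS = {"A": 8, "B": 16, "C": 24}


def bits_needed(count):
    """Smallest x for which 2^x - 2 is at least count."""
    x = 1
    while 2 ** x - 2 < count:
        x += 1
    return x


def prefix_to_mask(prefix):
    """Dotted-decimal mask with `prefix` binary 1s followed by binary 0s."""
    value = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def field_layout(network_bits, subnet_bits, host_bits):
    """N/S/H picture of the address structure, grouped as in the notes."""
    bits = "N" * network_bits + "S" * subnet_bits + "H" * host_bits
    octets = [bits[i:i + 8] for i in range(0, 32, 8)]
    return ".".join(o[:4] + " " + o[4:] for o in octets)


def valid_masks(network_class, subnets, hosts_per_subnet):
    """Every mask that gives enough subnet bits and enough host bits.

    Returns an empty list when the class does not leave enough bits.
    """
    n = CLASS_NETWORK_BITS[network_class]
    min_subnet_bits = bits_needed(subnets)
    min_host_bits = bits_needed(hosts_per_subnet)
    results = []
    # The bits that are neither required subnet bits nor required host bits
    # (the X bits in the notes) may go to either field.
    for s in range(min_subnet_bits, 32 - n - min_host_bits + 1):
        h = 32 - n - s
        results.append({
            "subnet_bits": s,
            "host_bits": h,
            "layout": field_layout(n, s, h),
            "mask": prefix_to_mask(n + s),
            "max_subnets": 2 ** s - 2,
            "max_hosts": 2 ** h - 2,
        })
    return results


if __name__ == "__main__":
    for wanted_subnets in (200, 50):
        print(f"Class B, {wanted_subnets} subnets, 200 hosts per subnet:")
        for row in valid_masks("B", wanted_subnets, 200):
            print("  ", row["layout"], row["mask"])
```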

What are the other SUBNET numbers?
First, the question needs a better definition or, at least, a more complete one. The
question might be better stated like this:
If the same subnet mask is used for all subnets of this Class A, B, or C
network, what are the valid subnets?
IP design conventions do not require the engineer to use the same mask for every subnet.
The question "What are all the subnets?" probably assumes that the
same mask is used for all subnets, unless the question specifically states that different masks can
be used on different subnets.



The three-step process for finding the other subnet values.
Three-step process: generic subnet list chart.
SUBNET CHART
OCTET                   1     2     3     4
Address                 130   4     0     0
Mask                    255   255   252   0
Subnet Number zero #    130   4     0     0
First Subnet address    130   4     4     0
Next valid Subnet       130   4     8     0
Next valid Subnet       130   4     16    0
Next valid Subnet       130   4     24    0
Next valid Subnet       130   4     36    0
Last Subnet #           130   4     248   0
Broadcast Address       130   4     252   0
Check-- 8 SUBNET BITS = 2^6 - 2 = 62 AND 248 / 4 = 62
62 SUBNETS SHOULD BE CONFIGURED.
1) Write down the network IP address number and subnet mask in the first two rows of
the subnet list chart.

2) Write down the network number in the third row. This is the zero subnet, which is
one of the two reserved subnets.

3) Do the following two tasks, stopping when the next number that you would write down
in the interesting column is 256.

a. Copy the three non-interesting octets from the previous line.

b. Add the magic number to the previous interesting octet, and write that down as
the value for the interesting octet.
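The list-building loop from step 3, written out so that it produces every row rather than a sample of them. This is an added example, not part of the original notes; the function names are hypothetical, and the list is cross-checked against Python's standard ipaddress module.

```python
import ipaddress


def classful_prefix(first_octet):
    """Network bits for a Class A, B or C address."""
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError("not a Class A, B or C address")


def list_subnets(network, mask):
    """Build the subnet list chart by repeatedly adding the magic number."""
    net = [int(o) for o in network.split(".")]
    msk = [int(o) for o in mask.split(".")]
    interesting = [i for i, m in enumerate(msk) if m not in (0, 255)]
    box = classful_prefix(net[0]) // 8  # first octet after the network part
    # The chart copies three octets unchanged, so it only works when all the
    # subnet bits sit in the one interesting octet after the network octets.
    if interesting != [box]:
        raise ValueError("subnet bits must all be in the interesting octet")

    magic = 256 - msk[box]
    rows = []
    value = 0  # the network number itself: the zero subnet
    while value < 256:  # stop when the next number would be 256
        rows.append(".".join(str(o) for o in net[:box] + [value] + [0] * (3 - box)))
        value += magic
    return {
        "zero_subnet": rows[0],
        "usable": rows[1:-1],
        "broadcast_subnet": rows[-1],
    }


def matches_ipaddress(network, mask):
    """Compare the chart with the subnets computed by the ipaddress module."""
    first_octet = int(network.split(".")[0])
    parent = ipaddress.ip_network(f"{network}/{classful_prefix(first_octet)}", strict=False)
    new_prefix = ipaddress.ip_network("0.0.0.0/" + mask).prefixlen
    expected = [str(s.network_address) for s in parent.subnets(new_prefix=new_prefix)]
    chart = list_subnets(network, mask)
    return expected == [chart["zero_subnet"]] + chart["usable"] + [chart["broadcast_subnet"]]


if __name__ == "__main__":
    chart = list_subnets("130.4.0.0", "255.255.252.0")
    print("zero subnet:", chart["zero_subnet"])
    print("usable subnets:", len(chart["usable"]), chart["usable"][0], "to", chart["usable"][-1])
    print("broadcast subnet:", chart["broadcast_subnet"])
```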




IP Routing and Subnets
This article describes the basics of IP routing. We will consider the example of a
simple network and trace the life of a packet as it gets routed from one node to
another. The routing tables at each node will be discussed.
Before we go into depth of IP routing, we need to understand IP addresses. This
is covered in the next section.
IP Address Classification
IP addresses are 32 bit integers which are represented in the familiar dot based
notation. The dot based notation is nothing but a decimal representation for each
byte of the IP address. For example, an IP address with a hex value of
0x800A080B is represented as 128.10.8.11.
The internet, as the name suggests, is a network of networks. Thus to uniquely
identify a host on the internet, one needs to know the network's id and the host's
id in the network. Thus an IP address consists of two components, the network id and
the host id. The network id is the number assigned to a network in the internet.
Host id represents the id assigned to a host in the network.
The figure below shows different classes of IP addresses. These addresses differ
in the number of bits assigned to the network and host ids. Different classes of
addresses serve different needs. For example, a class A IP address is suitable
when the internet consists of a small number of networks but each network
consists of a large number of hosts. On the other extreme, class C addressing is
suitable for internets with a very large number of networks, with a small number
of hosts per network.



An Example Internet
Subnets
The figure below describes a small internet consisting of three networks 128.8,
128.9.1 and 128.9.2. Strictly speaking, the internet consists of 128.8 network and
128.9.1 and 128.9.2 sub-networks (subnets). As we have seen in the previous
section, 128.8 and 128.9 should have been classified as the network portion of a
class B IP address. In this network 128.9 has been divided into two sub-networks
(128.9.1 and 128.9.2) by using one of the bytes of the two byte host id as sub-
network id.
Another way to look at this is that the first three bytes of IP addresses in the 128.9.1
and 128.9.2 subnets are used for routing the packet. The other bits in the IP
address are "don't care" bits from a routing point of view. The bits that
should be used for routing are specified by associating a subnet mask with a
routing entry. In this example, the subnet mask is 255.255.255.0 (0xFFFFFF00).
IP Routing
Networks in the internet are connected to each other via routers. Routers carry
traffic from one network/subnet to another. Routers maintain a routing table to
decide how to route the IP packets. Each routing entry consists of the destination
address, subnet mask and "route to" field. When a message needs to be routed
to an IP address, the following steps are followed:
1. The destination IP address is masked with the subnet mask and then
compared with the destination field for all entries in the routing table.
2. This comparison may yield a match with more than one entry; the entry
with the longest subnet mask will be selected. E.g., a packet destined for
128.8.1.2 reaching Host A would match the entries corresponding to
128.8.1.2 and 128.8.0. The entry corresponding to 128.8.1.2 will be
selected, as it has a longer subnet mask.
3. Once an entry has been selected, the "route to" field is consulted and the
action taken depends on the contents of this field:
o If the "route to" field contains SELF, the packet is meant for this
node. The IP packet is passed to the OS for application processing.
o If the "route to" field contains a LAN interface id, the packet is
destined for a LAN that is directly connected to the router/host. In
this case, the packet is routed directly on the LAN.
o If the "route to" field contains an IP address, the packet is
forwarded to the IP address specified. Further routing of the packet
will be carried out by the specified IP address.
Note: IP routing also supports a default entry. If the packet does not match any
other entry, it is routed according to the default entry.



Multiple IP Addresses
Another important aspect of internets is that a node in the internet can have multiple
IP addresses. There will be one IP address per interface. For example, the
Router in the figure above has three IP addresses, viz. 128.8.1.1, 128.9.1.1 and
128.9.2.1.







Routing of a Packet from Host A to Host C
Here we will trace the path taken by an IP packet sent from Host A to Host C.
Routing related fields in the Ethernet MAC header and IP header are shown.
Host A originates an IP packet towards Host C
1. Application sends a message to Host C by sending it to 128.9.2.2 IP
address (Host C's IP address).
2. This IP address matches the entry corresponding to 128.9.0.0. The "route
to" field for the selected entry contains another IP address - 128.8.1.1.
This is the IP address of the Router.
3. The IP routing table is accessed again for 128.8.1.1.
4. The entry that matches 128.8.1.1 contains LAN 0 interface id. This
specifies that the destination node is directly connected to the host.
5. This packet is passed to the device driver.
6. Device driver consults the ARP cache to identify the Ethernet MAC
address corresponding to the 128.8.1.1. (ARP is covered in another
article).
7. Ethernet frame is sent to the MAC address found by ARP.
The packet sent on the 128.8 LAN is:
Ethernet MAC Header                        | IP Packet Payload
Destination MAC     | Source MAC           | Destination IP  | Source IP   | Payload
Address             | Address              | Address         | Address     |
Router MAC Address  | Host A MAC Address   | 128.9.2.2       | 128.8.1.2   |

Router sends the IP packet to Host C
1. Router receives the Ethernet frame and passes it to the IP layer.
2. IP routing table is consulted and a matching entry is found corresponding
to 128.9.2 subnet.
3. Packet is routed on the LAN 2 interface.
4. Host C's MAC address is found from the ARP cache.
5. Ethernet frame is addressed to Host C MAC Address.





The packet sent over the 128.9.2 LAN is:
Ethernet MAC Header                        | IP Packet Payload
Destination MAC     | Source MAC           | Destination IP  | Source IP   | Payload
Address             | Address              | Address         | Address     |
Host C MAC Address  | Router MAC Address   | 128.9.2.2       | 128.8.1.2   |
Host C receives the IP packet
1. Host C receives the Ethernet frame and passes it to the IP layer.
2. IP routing table is searched and a match is detected with 128.9.2.2 entry.
3. The "route to" field contains SELF, so the message is passed to the higher
layer for delivery to the application.
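The lookup rules from the IP Routing section and the Host A to Host C walkthrough, as an added example that is not part of the original article. The routing tables are constructed from the addresses in the text; the subnet masks, the default entries, the LAN interface names and the function names are assumptions.

```python
import ipaddress

# Constructed routing tables: (destination, subnet mask, "route to").
TABLES = {
    "Host A": [
        ("128.8.1.2", "255.255.255.255", "SELF"),
        ("128.8.0.0", "255.255.0.0", "LAN 0"),
        ("128.9.0.0", "255.255.0.0", "128.8.1.1"),
        ("0.0.0.0", "0.0.0.0", "128.8.1.1"),  # default entry
    ],
    "Router": [
        ("128.8.1.1", "255.255.255.255", "SELF"),
        ("128.9.1.1", "255.255.255.255", "SELF"),
        ("128.9.2.1", "255.255.255.255", "SELF"),
        ("128.8.0.0", "255.255.0.0", "LAN 0"),
        ("128.9.1.0", "255.255.255.0", "LAN 1"),
        ("128.9.2.0", "255.255.255.0", "LAN 2"),
    ],
    "Host C": [
        ("128.9.2.2", "255.255.255.255", "SELF"),
        ("128.9.2.0", "255.255.255.0", "LAN 0"),
        ("0.0.0.0", "0.0.0.0", "128.9.2.1"),  # default entry
    ],
}

# Which node owns each interface address (used only to follow the trace).
OWNER = {
    "128.8.1.2": "Host A",
    "128.8.1.1": "Router",
    "128.9.1.1": "Router",
    "128.9.2.1": "Router",
    "128.9.2.2": "Host C",
}


def to_int(ip):
    return int(ipaddress.IPv4Address(ip))


def is_ip(value):
    try:
        ipaddress.IPv4Address(value)
        return True
    except ValueError:
        return False


def lookup(table, dst):
    """Mask dst with each entry's mask; the longest matching mask wins."""
    best = None
    for destination, mask, route_to in table:
        m = to_int(mask)
        if to_int(dst) & m == to_int(destination) and (best is None or m > best[0]):
            best = (m, destination, route_to)
    if best is None:
        raise LookupError(f"no route to {dst} and no default entry")
    return best[1], best[2]


def resolve(table, dst, max_depth=4):
    """Return (action, arp_target): SELF, or an interface plus the IP to ARP for."""
    target = dst
    for _ in range(max_depth):
        _, route_to = lookup(table, target)
        if route_to == "SELF":
            return ("SELF", None)
        if not is_ip(route_to):
            return (route_to, target)  # directly connected LAN
        target = route_to  # "route to" is an IP address: look it up again
    raise RuntimeError("routing entries keep pointing at other IP addresses")


def trace(start, dst, max_hops=8):
    """Follow a packet node by node until some node's lookup returns SELF."""
    node, hops = start, []
    for _ in range(max_hops):
        action, arp_target = resolve(TABLES[node], dst)
        hops.append((node, action, arp_target))
        if action == "SELF":
            return hops
        node = OWNER[arp_target]
    raise RuntimeError("hop limit reached")


if __name__ == "__main__":
    for hop in trace("Host A", "128.9.2.2"):
        print(hop)
```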

CIDR - Classless Inter-Domain Routing

NAT - Network Address Translation
CIDR
RFC 1817 calls for combining, or aggregating, multiple network numbers into a
single routing entity.
The network numbers have to be consecutive.

Private Addressing
RFC 1918 - Some computers will never be connected to the Internet. These computers' IP
addresses could be duplicates of registered IP addresses in the Internet.
Private Address Space (RFC 1918)      Class of Network
10.0.0.0 to 10.255.255.255            A
172.16.0.0 to 172.31.255.255          B
192.168.0.0 to 192.168.255.255        C




NAT
RFC 1631 - Allows a host that does not have a valid registered IP address to
communicate with other hosts through the Internet.
NAT achieves its goal by using a valid registered IP address to represent the private address
to the rest of the network.
Types of NAT
Static NAT - one-to-one mapping, with 254 static maps per outside IP address.

Dynamic NAT - automated mapping of inside IP addresses to public addresses using a pool of
IP addresses.

PAT - overloading with Port Address Translation.

Cisco calls the private IP addresses used in the INSIDE network Inside Local addresses,
and the addresses used on the OUTSIDE, or Internet, side GLOBAL addresses.












Terminology       Meaning
Private         = Local or Inside address
Public          = Global
Outside         = Internet
Outside public  = Outside of the network
Outside global  = Internet-ready IP address
Outside local   = Internet IP address
[Diagram: Private Router  >------ CHANGE ------>  ISP Public Router]
[Source address 10.1.1.2 changes to 100.34.45.6]
The source IP address (and the source port, if that port is already in use, because each port can be
used only once per PAT IP address) has to change to an IP address that is globally routable. That is when
NAT changes the Inside Local address to an Inside Global address. The Inside Global IP address is where
web servers send the requested information back to. The Inside Global address is what the ISP
sees, since the interfaces on the serial link to the ISP are on the same subnet. The web servers will
send information to the private router's serial interface IP address, which is globally routable.




Inside Network (Private Network): private IP address, INSIDE LOCAL, not able to be routed outside.
Outside Network (Public Network, Internet): changed to an INSIDE GLOBAL IP address, which is
outside routable.


Overloading with PAT
Overloading allows NAT to scale to support many clients with only a few public IP
addresses. This is based on each IP connection being supplied a port number during the
communications. NAT uses the overload command to perform this function.
PAT (Port Address Translation) can use more than 65,000 ports.

NAT Configuration
Static Commands:
Router(config)# interface e0/0
Router(config-if)# ip address 10.1.1.3 255.255.255
Router(config-if)# ip nat inside
Router(config)# interface s0/0
Router(config-if)# ip address 200.1.1.3 255.255.255
Router(config-if)# ip nat outside
To show the table that maps Inside and Outside IP addresses:
Command:
Router# show ip nat translations

PAT can use the same OUTSIDE Global IP address for different computers' IP addresses,
but the port number cannot be the same.

To show the translations, that is, the table of source IP addresses changed to Global IP addresses:
Command:
Router# show ip nat translations

To show how many times NAT was used (misses, hits, and expired entries):
Command:
Router# show ip nat statistics


Dynamic NAT configurations
Router(config-if)# ip nat inside    ----------- Ethernet interface (LAN)
Router(config-if)# ip nat outside   ---------- Serial interface (WAN)
Router(config)# ip nat pool Fred 200.1.1.1 200.1.1.2 netmask 255.255.255.252
ip nat pool - command for dynamic NAT configuration
Fred - name of the pool
200.1.1.1 200.1.1.2 - range of valid inside global addresses

Router(config)# ip nat inside source list 1 pool Fred
Router(config)# access-list 1 permit 10.1.1.2
Router(config)# access-list 1 permit 10.1.1.3
Router# clear ip nat translation *     (clears all mappings made in the router)
Router# debug ip nat

NAT OVERLOAD configurations
All the rest is the same, except that the overload keyword must be used.

Full command to use NAT once the interfaces have been set up with the
ip nat inside and ip nat outside commands:
Router(config)# ip nat inside source list ACL-number interface type-and-number overload
Router(config)# ip nat inside source list 3 interface serial 0/1/0 overload
Router(config)# access-list 3 permit 172.22.0.0 0.0.255.255
(Permit only: the source IP address must match the access-list range to be able to use the
NAT/PAT translations. Up to 65,000 translations for NAT/PAT.)




To fine-tune the balance of the traffic flow, two commands are used.
First, the
# variance X
command, which means that any additional routes to the same subnet with a metric lower than X
will be considered equal to the route with the lowest metric.
# variance 4 command -----would mean metric 200 < 400 = 400
The lowest metric is 400.
Second, the
Router# traffic-share min
command, used by IGRP, tells the router to use only the route that has the lowest metric
when there are multiple routes to the same subnet. If this is not used, the router will balance
the traffic across multiple paths based on the metrics of the routes in the routing table.
Metrics are generated by using bandwidth and delay in the calculation for the route metric.














Internet Control Message Protocol
TCP/IP includes a protocol specifically to help manage and control the operation of a TCP/IP
network, called the Internet Control Message Protocol (ICMP).
The ICMP protocol provides a wide variety of information about the health and
operational status of a network. "Control Message" is the most descriptive part of the name.

ICMP defines messages that help control and manage the work of IP and, therefore,
is considered to be part of TCP/IP's network layer. Because ICMP helps
control IP, it can provide useful troubleshooting information.

In fact, ICMP messages sit inside an IP packet, with no transport layer header at all,
so ICMP is truly just an extension of the TCP/IP network layer.

ICMP defined - Occasionally a gateway (router) or destination host will communicate with a
source host, for example, to report an error in datagram processing. For such purposes, this
protocol, the Internet Control Message Protocol (ICMP), is used. ICMP uses the basic support of
IP as if it were a higher-level protocol; however, ICMP is actually an integral part of IP and must
be implemented by every IP module.
ICMP Message Types
Message                    Purpose
Destination unreachable    This tells the source host that there is a problem delivering a
                           packet.

Time exceeded              The time that it takes a packet to be delivered has expired; the
                           packet has been discarded.

Redirect                   The router sending this message has received some packets for
                           which another router would have had a better route; the
                           message tells the sender to use the better route.

Echo                       This is used by the ping command to verify connectivity.


ICMP Echo Request and Echo Reply
The ICMP echo request and echo reply messages are sent and received by the
ping command.
In fact, when people say that they "sent a ping packet", they really
mean that they sent an ICMP echo request.

These two messages are self-explanatory. The echo request simply means that the host to
which it is addressed should reply to the packet.
The echo reply is the ICMP message type that should be used in the reply.

The echo request includes some data that can be specified by the ping command;
whatever data is sent in the echo request is sent back in the echo reply.

The ping command sends a packet to the stated destination address. The TCP/IP
software at the destination then replies to the ping packet with a similar packet.

The ping command sends the first packet and waits for a response. If a response is
received, the command displays an exclamation mark (!).
If no response is received within the default timeout of 2 seconds, the ping command
displays a period (.).

The IOS ping command sends five of these packets by default.

We should look at a feature of the Cisco ping (and trace) command that lets us specify a
source address so that we can test connectivity from any interface. This is called the
extended ping feature, and it works only in privileged mode. Basic ping will work in both
user and privileged modes. The feature is invoked by typing ping at the prompt
without a destination address. You then see a series of prompts offering choices.
Extended Ping Commands
Router# ping      Without any destination address, this will
                  give you additional choices for the
                  type of ping and the location you want to ping
                  from.


Destination Unreachable ICMP message
The ICMP Destination Unreachable message is sent when a message cannot be delivered
completely to the application at the destination host. Because packet delivery can fail for many
reasons, there are five separate unreachable functions (codes) using this single
ICMP unreachable message. All five code types pertain directly to an IP, TCP, or UDP feature.
ICMP Unreachable codes
Unreachable Code        When it is used                                   What it typically
                                                                          is sent by
Network unreachable     There is no match in the routing table            Router
                        for the packet's destination.

Host unreachable        The packet can be routed to a router              Router
                        connected to the destination subnet,
                        but the host is not responding.

Can't fragment          The packet has the Don't Fragment bit             Router
                        set, and a router must fragment it to forward
                        the packet.

Protocol unreachable    The packet is delivered to the destination        Endpoint host
                        host, but the transport layer protocol is
                        not available on that host.

Port unreachable        The packet is delivered to the destination        Endpoint host
                        host, but the destination port has not been
                        opened by an application.


One key to troubleshooting with the ping command is understanding the various
codes the command uses to signify the various responses it can receive.

Codes that the ping command uses to signify the various responses it can receive.
Ping
Command Code    Description
!               ICMP Echo Reply received
.               Nothing was received before the ping command timed out
U               ICMP unreachable (destination) received
N               ICMP unreachable (network) received
P               ICMP unreachable (port) received
Q               ICMP source quench received
M               ICMP Can't fragment message received
?               Unknown packet received
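How a received ICMP message maps to the codes in the table above, as an added example that is not part of the original notes and not Cisco's implementation. The ICMP type and code numbers are the standard ones; the function names, the sample messages, and the choice to show "U" for host and protocol unreachable and "?" for any message without a row in the table are assumptions.

```python
import struct

ECHO_REPLY = 0
DEST_UNREACHABLE = 3
SOURCE_QUENCH = 4

# Destination Unreachable codes that have their own character in the table.
UNREACHABLE_CHARS = {
    0: "N",  # network unreachable
    3: "P",  # port unreachable
    4: "M",  # fragmentation needed but Don't Fragment bit set
}


def internet_checksum(data):
    """16-bit ones'-complement checksum used in the ICMP header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(icmp_type, code, rest=b"\x00" * 4, payload=b""):
    """Build an ICMP message (type, code, checksum, 4 more header bytes, data)."""
    body = rest + payload
    checksum = internet_checksum(struct.pack("!BBH", icmp_type, code, 0) + body)
    return struct.pack("!BBH", icmp_type, code, checksum) + body


def ping_code(message):
    """Return the character ping would show for one probe.

    message is the raw ICMP message received, or None on timeout.
    """
    if message is None:
        return "."
    # A valid message is at least 8 bytes and checksums to zero.
    if len(message) < 8 or internet_checksum(message) != 0:
        return "?"
    icmp_type, code = message[0], message[1]
    if icmp_type == ECHO_REPLY:
        return "!"
    if icmp_type == DEST_UNREACHABLE:
        return UNREACHABLE_CHARS.get(code, "U")
    if icmp_type == SOURCE_QUENCH:
        return "Q"
    return "?"


def summarize(responses):
    """One character per probe, in the style of the five-probe IOS ping line."""
    return "".join(ping_code(r) for r in responses)


if __name__ == "__main__":
    # Constructed responses to five probes: two replies, a timeout,
    # a host unreachable and a port unreachable.
    echo_reply = build_icmp(ECHO_REPLY, 0, struct.pack("!HH", 1, 1), b"abcd")
    sample = [
        echo_reply,
        echo_reply,
        None,
        build_icmp(DEST_UNREACHABLE, 1),
        build_icmp(DEST_UNREACHABLE, 3),
    ]
    print(summarize(sample))
```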

IP Naming Commands
When using the IOS CLI, you will want to refer to names instead of IP addresses. Particularly for
the trace, ping, and telnet commands, the IP address or host name must be supplied.
IOS can use statically configured names as well as refer to one or more DNS servers.
Command:
ip host mark 10.1.1.1
ip host Sam 10.23.23.45




CIDR
CIDR is a convention defined in RFC 1817 that calls for aggregating multiple network
numbers into a single routing entity. CIDR actually was created to help the scalability of
Internet routers: imagine a router in the Internet with a route to every Class A, B, and C network
on the planet! There are actually a little more than two million Class C networks alone! By
aggregating the routes, Internet routers have a significantly smaller number of routes in their
routing tables.
Private addressing
Some computers will never be connected to the Internet. These computers' IP addresses
could be duplicates of registered IP addresses in the Internet. So, when designing the IP
addressing convention for such a network, an organization could pick and use any network
number(s) that it wanted, and all would be well.
Network Address Translation (NAT)
NAT, defined in RFC 1631, allows a host that does not have a valid registered IP address
to communicate with other hosts through the Internet. Of course, if you do not have to use a
registered IP address, you can help avoid the day when we run out of available IP addresses! NAT
allows these addresses that are not Internet-ready to continue to be used but still allows
communication with hosts across the Internet.
To conserve addresses, NAT uses an additional feature called PORT ADDRESS
TRANSLATION (PAT). PAT takes advantage of the fact that a server really does not care
whether it has one connection each to three different hosts or three connections to a single host
IP address. So, NAT/PAT translates the private IP address into a valid public address as the packet
exits the private IP network. However, instead of just translating the IP address, it also
translates the port number.
The NAT router keeps a NAT table entry for every unique combination of private IP address and
port, with the translation to the public IP address and a unique port number associated with the
public IP address. Because the port number field has 16 bits, NAT/PAT can support more than
64,000 connections using one public IP address.
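The NAT table described above, one entry per unique private address and port, as an added example that is not part of the original notes. The class name, the port-selection rule (keep the source port when it is free, otherwise take the lowest free port from 1024 up) and the sample addresses are assumptions; a real NAT router also tracks the protocol and times entries out.

```python
class PatTable:
    """Port Address Translation behind a single inside global address."""

    def __init__(self, inside_global):
        self.inside_global = inside_global
        self.by_inside = {}  # (inside local IP, port) -> inside global port
        self.by_port = {}    # inside global port -> (inside local IP, port)

    def _free_port(self, wanted):
        # Each port on the inside global address can be used only once.
        if wanted not in self.by_port:
            return wanted
        for port in range(1024, 65536):
            if port not in self.by_port:
                return port
        raise RuntimeError("all ports on the inside global address are in use")

    def outbound(self, inside_ip, inside_port):
        """Translate the source of a packet leaving the private network."""
        key = (inside_ip, inside_port)
        if key not in self.by_inside:
            port = self._free_port(inside_port)
            self.by_inside[key] = port
            self.by_port[port] = key
        return (self.inside_global, self.by_inside[key])

    def inbound(self, dst_ip, dst_port):
        """Translate the destination of a returning packet.

        Returns None when no entry exists: nothing inside asked for this
        traffic, so there is no private host to deliver it to.
        """
        if dst_ip != self.inside_global:
            return None
        return self.by_port.get(dst_port)

    def entries(self):
        """Rows of (inside local, inside global), sorted by global port."""
        return [
            (f"{ip}:{port}", f"{self.inside_global}:{gport}")
            for gport, (ip, port) in sorted(self.by_port.items())
        ]


def demo():
    # Constructed traffic: two private hosts happen to pick the same source port.
    table = PatTable("200.1.1.3")
    first = table.outbound("10.1.1.2", 1025)
    second = table.outbound("10.1.1.3", 1025)  # port 1025 is taken: remapped
    again = table.outbound("10.1.1.2", 1025)   # existing entry is reused
    reply = table.inbound("200.1.1.3", second[1])
    unsolicited = table.inbound("200.1.1.3", 4444)
    return first, second, again, reply, unsolicited, table.entries()


if __name__ == "__main__":
    for item in demo():
        print(item)
```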
IP Version 6 Addressing
The short-term solution to the problem of depleting the entire IPv4 address space included NAT
and private addressing. CIDR provided a short-term solution to the growing size of IP routing
tables. IPv6 uses a 128-bit IP address written in hexadecimal notation, with colons between
each quartet of symbols.


Questions Review for all chapters
1) Name three benefits to layering networking protocol specifications.

Some examples of benefits to layering networking protocol specifications include:

Reducing complexity

Standardized interfaces

Modular engineering

Interoperable technology

Accelerated evolution

Simplified teaching and learning

2) What header or trailer does a router discard as a side effect of routing?

A router discards the data-link header and trailer as a side effect of routing. This is
because the network layer, where routing is defined, is interested in delivering the
network layer (Layer 3) PDU from end to end. Routing uses intermediate data links (Layer
2) to transport the data to the next routers and eventually to the true destination. The
data-link header and trailer are useful only to deliver the data to the next router or host,
so the header and trailer are discarded by each router.
3) What OSI layer typically encapsulates using both a header and a trailer?

The Data Link Layer 2 typically encapsulates using both a header and a trailer. The
trailer typically includes a frame check sequence (FCS), which is used to perform error
detection.


4) What terms are used to describe the contents of the data encapsulated by the data
link, network, and transport layers, respectively?

Data Link Layer = Frame
Network Layer = Packet
Transport Layer = Segment
5) Explain the meaning of the term L5PDU?

PDU stands for protocol data unit. A PDU is the entity that includes the
headers and trailers created by a particular network layer, plus any encapsulated data.
For instance, an L5PDU includes Layer 5 header and the encapsulated data.
6) Explain how Layer x on one computer communicates with Layer x on another computer.

Each layer of a networking model works with the same layer on another computer with
which it wants to communicate. The protocol defined by each layer uses a header that is
transmitted between the computers to communicate what each computer wants to do.
7) List the terms behind the acronym TCP/IP

Transmission Control Protocol and Internet Protocol
8) List the terms behind the acronym OSI?

Open Systems Interconnection

1) Which of the following protocols are examples of TCP/IP transport layer protocols?
D) UDP
F) TCP
2) Which of the following protocols are examples of TCP/IP network interface layer
protocols?
A) Ethernet
G) PPP



3) Which OSI layer defines the function of logical network-wide addressing and routing?

C) Layer 3
4) Which OSI layer defines the standards for cabling and connectors?

A) Layer 1
5) Which OSI layer defines the standards for data format and encryption?

A) Layer 1
6) Which of the following terms are not valid terms for the names of the seven OSI layers?

C) Transmission
E) Presentation
7) The process of HTTP asking TCP to send some data and make sure that it is received
correctly is an example of what?

B) Adjacent layer interaction
8) The Process of TCP on one computer marking a segment as segment 1, and the receiving
computer then acknowledging the receipt of segment 1, is an example of what?
B) Same-layer interaction
9) The process of a web server adding a HTTP header to a web page, followed by adding a
TCP header, then an IP header, and then data link header and trailer is an example of
what?

A) Data encapsulation
10) Which of the following terms is used specifically to identify the entity that is created
when encapsulating data inside data-link headers and trailers?

D) Frame




1) Describe the features required for a protocol to be considered connectionless?

Unordered, low-overhead delivery of data from one host to another is the
service provided in most connectionless protocol services.
2) Name at least three connectionless protocols?

LLC Type 1
UDP
IPX
IP
are some examples of connectionless protocols.
Remember that:
Frame Relay,
X.25,
and ATM

are connection oriented, regardless of whether they define error
recovery.
3) Name three connection-oriented protocols?

TCP
SPX
LLC Type 2
X.25

are some examples of connection-oriented protocols that provide
error recovery. ATM and Frame Relay are also connection oriented, but without
error recovery.






4) Describe how TCP performs error recovery. What role does the router play?

TCP numbers the first byte in each segment with a sequence
number. The receiving host uses the Acknowledgment field
in segments that it sends back to acknowledge receipt of the
data. If the receiver sends an acknowledgement number that
bytes were lost, so the sender resends them. The router
plays no role unless the TCP connection ends in the router, for
example, a Telnet into a router.

5) How many TCP segments are exchanged to establish a TCP connection? How many are
required to terminate a TCP connection?

A three-way connection-establishment sequence is used to establish a link.

A four-way connection-termination sequence is used to terminate the link.
6) List the components of a TCP socket?

A socket consists of three things:
IP address

A transport layer protocol (TCP or UDP)

The TCP or UDP port number

1) Which of the following describes the functions of OSI Layer 3?

A) Logical addressing
C) Physical addressing


2) Imagine that PC1 needs to send some data to PC2, and PC1 and PC2 are separated by
several routers. What are the largest entities that make it from PC1 to PC2?

C) Packet
E) L3PDU

3) Which of the following does a router normally use when making a decision about
routing TCP/IP?

C) Destination IP address
4) Imagine a network with two routers that are connected with a point-to-point HDLC serial
link. Each router has an Ethernet, with PC-1 sharing the Ethernet with Router-1, and PC-2
sharing an Ethernet with Router-2. When PC-1 sends data to PC-2, which of the following
is true?

A) Router 1 strips the Ethernet header and trailer off the frame received from PC1
never to be used again.

5) Which of the following are Class C IP addresses?

B) 200.1.1.1

6) What is the range for the first octet for Class A IP networks ?

D) 1 to 126
7) PC-1 and PC-2 are on two different Ethernets that are separated by an IP router. PC-1's IP
address is 10.1.1.1, and no subnetting is used. Which of the following addresses
could be used for PC-2?

D) 9.1.1.1
F) 1.1.1.1



8) How many valid host IP addresses does each Class B network contain?

D) 65,534
9) How many valid host addresses does each Class C network contain

G) 254
10) Which of the following protocols allows a client PC to discover the IP address of another
computer, based on that other computer's name?

C) DNS
11) Which of the following protocols allows a client PC to request assignment of an IP address
as well as learn its default gateway?

D) DHCP
12) Which term is defined by the following phrase: the type of protocol that is being
forwarded when routers perform routing?

A) Routed Protocol

OSI Layer 3- equivalent protocols use routing and addressing to accomplish
their goals.

1) What is the name of the field that identifies, or addresses, a Frame Relay virtual circuit?

The Data-Link connection identifier (DLCI) is used to identify a
VC

2) Besides HDLC and PPP, list the other four serial point-to-point data-link protocols
covered in this chapter.

SDLC
LAPB
LAPD
LAPF


3) List the speed of a T1 line, E1, OC-3 and OC-12

T1 line = 1,544
E1 = 2.048
OC-3 = 155Mbps
OC-12 = 622Mbps

1) Name the two main parts of an IPX address. Which part identifies which group this
address is a member of?

Network number and node number are the two main parts of an IPX
address.
Addresses with the same network number are in the same group.

On LAN interfaces, the node number is made to have the same value
as the LAN MAC address.

2) Name the two main parts of an IP address. Which part identifies which group this
address is a member of?

Network and host are the two main parts of an IP address.

Technically there are three portions of the IP address:
network, subnet, and host.







3) Describe the differences between a routed protocol and a routing protocol?

The routed protocol defines the addressing and Layer 3 header in the
packet that actually is forwarded by a router.

The routing protocol defines the process of routers exchanging
topology data so that the routers know how to forward the data.

A router uses the routing table created by the routing protocol when
choosing where to route a packet.

4) Name at least three routed protocols


TCP/IP (IP)

Novell (IPX)
OSI (CLNP)
DECnet (CLNP)
AppleTalk (DDP)
Vines
Are all examples of routed protocols.
5) Name at least three IP routing protocols.

IP RIP
IP IGRP
IP/IPX/AppleTalk EIGRP
IP OSPF
OSI NLSP
OSI IS-IS

are all examples of routing protocols.


6) Name three items in an entry in any routing table?

A number that identifies a group of addresses.

The interface out which to forward the packet.

and the Layer 3 address for the next router to send this packet
to

are the three items that you will always find in a routing
table entry. For instance,
IP routes contain the subnet number,

the outgoing interface,

and the IP address of the next-hop router.

7) Name the parts of an IP address when Subnetting is used?

Network, subnet, and host are the three parts of an IP
address. However, many people commonly treat the network and subnet
parts of an address as a single part, leaving only two parts, the subnet and host
parts. On the exam, the multiple choice format should provide extra clues as to
which terminology is used.

8) How many valid IP addresses exist in a Class A network? (You may refer to the formula if
you do not know the exact number.)

16,777,214, derived by the formula 2^24 - 2


9) How many valid IP addresses exist in a Class B network? (You may refer to the formula if
you do not know the exact number.)

65,534, derived by the formula 2^16
10) How many valid IP addresses exist in a Class C network? (You may refer to the formula if
you do not know the exact number.)

254, derived by the formula 2^8
11) What values can a class A network have in the first octet?

1 through 126 inclusive.
12) What values can a Class B network have in the first octet?

128 through 191 inclusive
13) What values can a Class C network have in the first octet?

192 through 223
14) When Subnetting A Class B network, do you create the subnet field by taking bits from
the network part of the address or the host part?

HOST part
15) When Subnetting a Class B network, using the entire third octet for the subnet part,
describe the number of possible subnets created?
The subnet part consists of a full octet, which is 8 bits long. You
can number 2^8 things with 8 bits, or 256. However, 2 subnet numbers are
reserved, leaving 254 subnets.
16) When Subnetting a Class A network using the entire second octet for the subnet part,
describe the number of hosts in each subnet.

The host part consists of two entire octets in this case, which
is 16 bits long. You can number 2^16 things with 16 bits, or 65,536.
However, 2 subnet numbers are reserved, leaving 254 subnets.


17) When a router hears about multiple routes to the same subnet, how does it choose
which route to use?

Routing protocols use a metric to describe how good each
route is. The lower the metric is, the better the route is.

18) What is the primary purpose of a router protocol?

Router protocols discover the routes in the network and build
routing tables.
19) True or false: Routing protocols are required to learn routes of directly connected
subnets.

False. Routers add routes to directly connected subnets when the interfaces
initialize. No routing protocols are needed.
20) Which IP routing protocols are Cisco proprietary?

IGRP
EIGRP

21) List the similarities and differences between RARP and BOOTP

1) Which of the following header fields identifies which TCP/IP application gets data
received by the computer

E) TCP PORT NUMBER
F) UDP PORT NUMBER







22) What are the two main functions of each OSI Layer 3 equivalent protocol?

Path selection, which is also called routing.
Logical Addressing
23) Assume that PC1 sends data to PC2, and PC2 is separated from PC1 by at least one
router. Are the IP addresses of the PCs in the same IP subnet?

They must be in different subnets. IP addressing rules require that IP hosts
separated by a router be in different subnets.
24) Assume that PC1 sends data to PC2, and PC2 is not separated from PC1 by at least one
router. Are the IP addresses of the PCs in the same IP subnet?

They must be in the same subnet. IP addressing rules require that IP hosts not
separated by a router be in the same subnet.
25) How many bits are present in an IP address?

IP addresses have 32 bits: a variable number in the network portion,
and the rest of the 32 in the host portion. IP Version 6 uses a 128-bit address!
26) How many bits are present in an IPX address?

IPX addresses have 80 bits:
32 bits in the network portion
and 48 bits in the node portion.

27) Name the two main parts of an IPX address. Which part identifies which group this
address is a member of?
Network number and node number are the two main parts of an IPX
address.
Addresses with the same network number are in the same group.

On LAN interfaces, the node number is made to have the same value
as the LAN MAC address.



28) Name the two main parts of an IP address. Which part identifies which group this
address is a member of?

Network and host are the two main parts of an IP address.

Technically there are three portions of the IP address:
network, subnet, and host.

However, because most people think of the network and subnet portions as one
portion, another correct answer to this question, using popular terminology,
would be subnet and host. In short, without subnetting, the network part
identifies the group; with subnetting, the network and subnet parts together
identify the group.
29) PC1 sends data to PC2 using TCP/IP. Three routers separate PC1 and PC2. Explain why the
statement "PC1 sends an Ethernet frame to PC2" is true or false.

False. Packets are delivered from end to end across a network; the intervening
routers discard the original Ethernet header, replacing it with other data-link
headers as needed. A truer statement would be "PC1 sends an IP packet to
PC2."
30) In IP addressing, how many octets are in 1 byte?

One. Octet is a generic word used to describe a single byte. Each IP address is
4 bytes, or four octets, long.







31) Describe the differences between a routed protocol and a routing protocol?

The routed protocol defines the addressing and Layer 3
header in the packet that actually is forwarded by a
router.

The routing protocol defines the process of routers
exchanging topology data so that the routers know
how to forward the data.

A router uses the routing table created by the routing
protocol when choosing where to route a packet.

32) Name at least three routed protocols.

TCP/IP (IP)
Novell (IPX)
OSI (CLNP)
DECnet (CLNP)
AppleTalk (DDP)
Vines
Are all examples of routed protocols.
33) Name at least three IP routing protocols.

IP RIP
IP IGRP
IP/IPX/AppleTalk EIGRP
IP OSPF
OSI NLSP
OSI IS-IS

are all examples of routing protocols.


34) Imagine an IP host on an Ethernet, with a single router attached to the same segment.
In which cases does an IP host choose to send a packet to this router instead of directly
to the destination host, and how does this IP host know about that single router?

Typically an IP host knows to what router to send a packet based on its
configured default router. If the destination of the packet is in another subnet,
the host sends the packet to the default router. Otherwise, the host sends the
packet directly to the destination host because it is in the same subnet and, by
definition, must be on the same data link.
35) Name three items in an entry in any routing table?

A number that identifies a group of addresses.

The interface out which to forward the packet.

and the Layer 3 address for the next router to send this packet
to

are the three items that you will always find in a routing
table entry. For instance,
IP routes contain the subnet number,

the outgoing interface,

and the IP address of the next-hop router.

36) Name the parts of an IP address when Subnetting is used?

Network, subnet, and host are the three parts of an IP
address. However, many people commonly treat the network and subnet
parts of an address as a single part, leaving only two parts, the subnet and host
parts. On the exam, the multiple choice format should provide extra clues as to
which terminology is used.



37) When Subnetting A Class B network, do you create the subnet field by taking bits from
the network part of the address or the host part?

HOST part

38) When Subnetting a Class B network, using the entire third octet for the subnet part,
describe the number of possible subnets created?

The subnet part consists of a full octet, which is 8 bits long. You
can number 2^8 things with 8 bits, or 256. However, 2 subnet numbers are
reserved, leaving 254 subnets.

39) When Subnetting a Class A network using the entire second octet for the subnet part,
describe the number of hosts in each subnet.

The host part consists of two entire octets in this case, which
is 16 bits long. You can number 2^16 things with 16 bits, or 65,536.
However, 2 subnet numbers are reserved, leaving 254 subnets.
40) When a router hears about multiple routes to the same subnet, how does it choose
which route to use?

Routing protocols use a metric to describe how good each
route is. The lower the metric is, the better the route is.
41) What is the primary purpose of a router protocol?

Router protocols discover the routes in the network and build
routing tables.
42) True or false: Routing protocols are required to learn routes of directly connected
subnets.

False. Routers add routes to directly connected subnets when the interfaces
initialize. No routing protocols are needed.


43) Which IP routing protocols are Cisco proprietary?

IGRP
EIGRP

44) List the similarities and differences between DHCP and BOOTP.

Both protocols send broadcasts looking for a server, and they hope to
have the server assign them an IP address.

Both can be used to assign a large variety of parameters, such as the
subnet mask, default gateway, DNS address, and filenames for
downloading an operating system.

DHCP does not require that the server be preconfigured with the MAC
addresses of all the DHCP client PCs, making it much more scalable.

45) List the similarities and differences between ARP and DNS

Both protocols send messages with one bit of information, hoping to
learn another bit of information. The similarities do not go beyond
that fact.

DNS requests are unicast IP packets sent specifically to the DNS server.

ARP uses a LAN broadcast frame.

DNS queries supply a name, expecting to hear the corresponding IP
address back from the server.

ARP requests supply an IP address, hoping to hear a corresponding
MAC address not from a server, but from the host that uses that IP
address.

2) Which of the following protocols are connection-oriented?

A) Frame Relay
B) TCP


3) Which of the following protocols are reliable?

B) TCP
4) PC1 is using TCP, has a window of 4, and sends four segments, numbered 2,3,4, and 5 to
PC2, PC2 replies with an acknowledgment number 5. What should PC1 do next?

D) Resends segment 5
5) Which of the following are not features of a protocol that is considered to match OSI
Layer-4

D) Conversion from binary to ASCII
OSI Layer 4 (NETWORK) Does:
Error recovery
Flow Control
Segmenting of application data

6) Which of the following flow control methods lets the receiver tell the sender how much
data the sender is allowed to send before the sender must wait for an
acknowledgment?

C) Windowing

7) Which of the following header fields identifies which TCP/IP application gets data
received by the computer

E) TCP PORT NUMBER
F) UDP PORT NUMBER
8) Which of the TCP connection-establishment flows set both the SYN and ACK flags in the
TCP header?

B) Second SEGMENT



9) Which of the following is not a Typical function of TCP

D) Routing
E) Encryption
10) Which of the following functions is performed by TCP?

C) Multiplexing
11) Data that includes the Layer 4 Protocol header, and data given to Layer 4 by the upper
layer, not including any headers and trailers from Layers 1 to 4, is called what?

C) Segment
G) L4PDU
7) Describe the features required for a protocol to be considered connectionless?

Unordered low-overhead delivery of data from one host to another is the
service provided in most connectionless protocol services.

8) Name at least three connectionless protocols?

LLC Type 1
UDP
IPX
IP


are some examples of connectionless protocols.
Remember that Frame Relay, X.25, and ATM are connection oriented, regardless of
whether they define error recovery.

9) Describe the features required for a protocol to be considered connection oriented?

Either the protocol must exchange messages with another device before data is allowed
to be sent, or some pre-correlation between the two endpoints must be defined. TCP is
an example of a connection-oriented protocol that exchanges messages before data can
be sent; Frame Relay is a connection-oriented protocol for which a pre-established
correlation between endpoints is defined.
10) In a particular error-recovering protocol, the sender sends three frames, labeled 2,3, and 4. On
its next sent frame, the receiver of these frames sets an Acknowledgment field to 4. What does
this typically imply?

Frames through number 3 were received successfully. The receiver might have not
received Frame 4, or Frame 4 might not have passed the FCS check.

Name three connection-oriented protocols?

TCP
SPX
LLC Type 2
X.25

Are some examples of connection oriented protocols that provide error
recovery. ATM and Frame Relay are also connection oriented, but without error
recovery.




11) Describe how TCP performs error recovery. What role does the router play?

TCP numbers the first byte in each segment with a sequence
number. The receiving host uses the Acknowledgment field in
segments that it sends back to acknowledge receipt of the data. If
the receiver sends an acknowledgement number that bytes were
lost, so the sender resends them. The router plays no role unless
the TCP connection ends in the router, for example, a Telnet into a
router.
12) How many TCP segments are exchanged to establish a TCP connection? How many are required
to terminate a TCP connection?

A three-way connection-establishment sequence is used to
establish a link.
A four-way connection-termination sequence is used to terminate
the link.
13) Describe the purpose of the Port number field in a TCP header. Give one example?

The port numbers are used to help computers multiplex received data. For instance, a
PC with two web browsers open can receive an IP packet. This destination TCP port
number identifies which of the two browsers should receive the data.
14) List the components of a TCP socket?

A socket consists of three things:
IP address

A transport layer protocol (TCP or UDP)

The TCP or UDP port number



15) How many TCP segments must be sent to establish a TCP connection? How many are used with
normal TCP connection terminations?

Three TCP segments are needed to establish the connection and
four are needed to tear it down under normal operation.
16) How many UDP segments must be sent to establish a UDP connection? How many are used with
normal UDP connection terminations?

UDP does not establish connections because it is not connection
oriented.
1) Which of the following routing protocols are considered to use distance vector logic?

A) RIP
B) IGRP
2) Which of the following routing protocols are considered to use link-state logic?

E) OSPF
G) Integrated IS-IS
3) Which of the following routing protocols use a metric that is, by default, at least partially
affected by link bandwidth?

C) IGRP
D) RIP V2
E) OSPF
4) Which of the following interior routing protocols support VLSM?

B) RIP V2
D) EIGRP
E) OSPF
F) Integrated IS-IS


5) Which of the following situations should cause RIP to remove all the routes learned from a
particular neighboring router?

B) No longer receiving updates from that neighbor

Distance vector protocols rely on regular receipt of routing updates from their neighbors to
continue believing that the routes through that neighbor are still valid.

6) Which of the following interior routing protocols are considered to be capable of converging
quickly?

D) EIGRP

E) OSPF

F) Integrated IS-IS


7) Which of the following interior routing protocols use hop count as their metric?

A) RIP-V1

B) RIP-V2

8) What update timer is used by IGRP?

C) 90 seconds




1) Which interior IP routing protocols covered in this chapter support VLSM?

RIP-2
EIGRP
OSPF
Integrated IS-IS
BGP

2) Which IP routing protocols covered in this chapter use distance vector logic?

RIP-1
RIP-2
IGRP

3) Which interior IP routing protocols covered in this chapter are considered to converge quickly?

EIGRP
OSPF
And INTEGRATED IS-IS

4) Compare distance vector and link-state protocols in terms of what information is sent in router
updates.

Distance vector protocols send sparse information, typically describing subnet
and a metric for each route. Link-state protocols send much more detailed topology
information describing each router and each link so that every router knows a full
conceptual picture of the network.
5) List three similarities between EIGRP's balanced hybrid logic and link-state logic.

Fast convergence, neighbor discovery before sending routing
information, not sending of full updates on a regular period, some
topology tables built in addition to the IP routing table.




6) Explain the basic concept behind why some routing protocols support VLSM and some do not?

VLSM implies that different subnet masks are used for different subnets of the same
network. To advertise subnets that have different sizes, the routing protocol must
include the subnet mask information for each subnet in the routing updates. Routing
protocols that do not support VLSM do not include the mask in the routing updates.
7) Explain the difference between interior and exterior routing protocols.

Interior routing protocols are designed to advertise detailed routing information
about each subnet, typically inside a single company or organization. Exterior routing
protocols are designed to advertise information about how to reach different
9) Explain the difference between full and partial routing updates?

Balanced hybrid is a term used to refer to the logic used by EIGRP. The logic can be
viewed as a combination of features like those of distance vector protocols and link-
state routing updates.
10) Compare and contrast the type of information sent in distance vector routing updates versus
link-state routing updates.

Distance vector routing updates contain a subnet number and a metric for each
route. Link-state updates define much more detailed information, such as the identity
of each router and which subnets each router is connected to. Therefore, the
information in link-state updates is much more detailed than the equivalent information
with distance vector updates. The more detailed information allows a link-state protocol
to build a mathematical representation of the network topology, whereas distance
vector protocols simply know that subnets exist and where to send packets to reach
those subnets.


11) What term describes the underlying logic behind the OSPF routing protocol?

Link state.



Which of the following protocols are connection-oriented?
A) Frame Relay
B) TCP
12) Which of the following protocols are reliable?

B) TCP
13) PC1 is using TCP, has a window of 4, and sends four segments, numbered 2,3,4, and 5 to PC2,
PC2 replies with an acknowledgment number 5. What should PC1 do next?

D) Resends segment 5
14) Which of the following are not features of a protocol that is considered to match OSI Layer-4

D) Conversion from binary to ASCII
OSI Layer 4 (NETWORK) Does:
Error recovery
Flow Control
Segmenting of application data

15) Which of the following flow control methods lets the receiver tell the sender how much data the
sender is allowed to send before the sender must wait for an acknowledgment?

C) Windowing
16) Which of the following header fields identifies which TCP/IP application gets data received by
the computer

E) TCP PORT NUMBER
F) UDP PORT NUMBER
17) Which of the TCP connection-establishment flows set both the SYN and ACK flags in the TCP
header?

B) Second SEGMENT


18) Which of the following is not a Typical function of TCP

D) Routing
E) Encryption
19) Which of the following functions is performed by TCP?

C) Multiplexing
20) Data that includes the Layer 4 protocol header, and data given to Layer 4 by the upper layer, not
including any headers and trailers from Layers 1 to 4, is called what?

C) Segment
G) L4PDU
12) Which of the following routing protocols are considered to use distance vector logic?
A) RIP
B) IGRP
13) Which of the following routing protocols are considered to use link-state logic?

E) OSPF
G) Integrated IS-IS

14) Which of the following routing protocols use a metric that is, by default, at least partially
affected by link bandwidth?

C) IGRP
D) RIP V2
E) OSPF





15) Which of the following interior routing protocols support VLSM?

B) RIP V2
D) EIGRP
E) OSPF
F) Integrated IS-IS

16) Which of the following interior routing protocols are considered to be capable of converging
quickly?

D) EIGRP
E) OSPF
F) Integrated IS-IS
17) Which of the following interior routing protocols use hop count as their metric?

A) RIP-V1
B) RIP-V2
18) What update timer is used by IGRP?

D) 90 seconds
