1 CCNA 2 v3.1 Module 10. 2 Intermediate TCP/IP CCNA 2 Module 10.
-
date post
21-Dec-2015 -
Category
Documents
-
view
241 -
download
2
Transcript of 1 CCNA 2 v3.1 Module 10. 2 Intermediate TCP/IP CCNA 2 Module 10.
1
CCNA 2 v3.1 Module 10
2
Intermediate TCP/IP
CCNA 2
Module 10
333
TCP/IP Operations
• IP addresses
Allow for the routing of packets between networks
Makes no guarantees about delivery
• Transport layer is responsible for
Reliable transport of data and regulation of data flow from source to destination
This is accomplished using
sliding windows
sequencing numbers
a synchronization process that ensures each host is ready and willing to communicate
444
TCP/IP Segment Format
555
Synchronisation – 3 way handshaking
• Prior to data transmission the two communicating hosts go through a synchronization process to establish a virtual connection
• This synchronization process
Insures both sides are ready for data transmission
Allows the devices determine the initial sequence numbers
666
Synchronisation – 3 way handshaking
777
Sequence Numbers
• Part of initiating communication between the two devices
• Act as reference starting numbers between the two devices
• Give each host a way to ACK the SYN so that the receiver knows the sender is responding to the proper connection request
888
Denial Of Service Attacks
• Denial of service attacks (DoS)
• Designed to deny services to legitimate hosts attempting to establish connections
• Common method that hackers utilize to halt system response
• One type of DoS is known as SYN flooding
Exploits the normal three-way handshake and causes targeted devices to ACK to source addresses that will not complete the handshake
999
SYN Flooding
In a DoS attack, the hacker initiates a synchronization but spoofs the source IP address
To defend against these attacks, system administrators may decrease the connection timeout period and increase the connection queue size.
101010
Windowing and Window Size
Sliding window allows the destination device to indicate to the source a need to decrease or increase the amount of data being sent because it is incapable at that time of dealing with that much data
111111
Sequencing numbers
121212
Positive Acknowledgment and Retransmission (PAR)
•With PAR, source sends a packet, starts a timer, and waits for an ACK before sending the next packet
•If timer expires before source receives an ACK, the source retransmits the packet and restarts the timer
•TCP uses expectational acknowledgments - ACK number refers to the next octet that is expected
131313
UDP operation
•Not all applications need to guarantee delivery of the data packet
•They use UDP
a faster, connectionless delivery
Described in RFC 768
protocol that exchanges segments without acknowledgments or guaranteed delivery
Does not use windowing
Does not use acknowledgments
Application layer protocols must provide error detection
14
Overview of Transport Layer Ports
151515
Multiple Conversations Between HostsA port number must be associated with the conversation between hosts to ensure that the packet reaches the appropriate service on the server
Without a way to distinguish between different conversations, the client would be unable to send both an email and browse a web page, using one server at the same time
161616
Ports for Services
171717
Ports for Services continued…
181818
Ports for Clients
•Destination ports - ports for services
Normally defined using the well-known ports
•Source ports
Set by the client are determined dynamically
Client determines the source port by randomly assigning a number above 1023
191919
Port numbering & well-known port no’s
• Port numbers are represented by 2 bytes in the header of a TCP or UDP segment
16-bit value - port numbers from 0 to 65535
• Port numbers are divided into 3 categories
1 to 1023 ports are well-known ports
1024 to 49151 are registered ports
49152 to 65535 are defined as dynamic or private ports
202020
Multiple Sessions Between Hosts
• A pair of sockets, one on each host, forms a unique connection.
For instance, a host might have a telnet connection, port 23, while at the same time be surfing the net, port 80. The IP and the MAC addresses would be the same because the packets are coming from the same host.
212121
Sockets
• Transport layer
Port numbers are located here
Serviced by the network layer
• The network layer
assigns the logical address (IP address)
is then serviced by the data link layer
• Data link layer
assigns the physical address (MAC address)