Ch.6 IP Protocol
Chapter 6 Objectives (cont.)
• 5.10 Given a scenario, configure and apply the appropriate ports and protocols
  – 20,21 FTP
  – 161 SNMP
  – 22 SSH
  – 23 Telnet
  – 53 DNS
  – 67,68 DHCP
  – 69 TFTP
  – 445 SMB
  – 3389 RDP
• 3.0 Network security
• 3.2 Compare and contrast common network vulnerabilities and threats
  – Vulnerabilities
    o Unsecure protocols
      – TELNET
      – HTTP
      – SLIP
      – FTP
      – TFTP
      – SNMPv1 and SNMPv2
Chapter 6 Objectives (cont.)
• 3.3 Given a scenario, implement network hardening techniques
  – Use secure protocols
    o SSH
    o SNMPv3
    o TLS/SSL
    o SFTP
    o HTTPS
What is TCP/IP?
• Because TCP/IP is so central to working with the Internet and intranets, it’s essential for you to understand it in detail.
• TCP/IP first came on the scene in 1973. Later, in 1978, it was divided into two distinct protocols: TCP and IP.
• Then, back in 1983, TCP/IP replaced the Network Control Protocol (NCP) and was authorized as the official means of data transport for anything connecting to ARPAnet, the Internet’s ancestor that was created by ARPA, the DoD’s Advanced Research Projects Agency, way back in 1957 in reaction to the Soviets’ launching of Sputnik.
• ARPA was soon re-dubbed DARPA, and it was divided into ARPAnet and MILNET (also in 1983); both were finally dissolved in 1990.
TCP/IP History
• Most of the development work on TCP/IP happened at UC Berkeley in Northern California, where a group of scientists were simultaneously working on the Berkeley version of UNIX, which soon became known as the BSD, or Berkeley Software Distribution, series of UNIX versions.
• Of course, because TCP/IP worked so well, it was packaged into subsequent releases of BSD UNIX and offered to other universities and institutions if they bought the distribution tape.
• All of this led to the DoD model….
DoD Model
• The DoD model is basically a condensed version of the OSI model—it’s composed of four, instead of seven, layers:
  – Process/Application layer
  – Host-to-Host layer
  – Internet layer
  – Network Access layer
• The figure on the next slide shows a comparison of the DoD model and the OSI reference model. As you can see, the two are similar in concept, but each has a different number of layers with different names.
• However, the DoD and OSI are so similar that the layer names are actually interchangeable.
DoD Model
(Figure: the four-layer DoD model beside the OSI model; the DoD Host-to-Host layer lines up with OSI Transport, and the DoD Internet layer with OSI Network.)
TCP/IP Protocol Suite
(Figure: the TCP/IP protocol suite mapped onto the DoD model; Process/Application layer protocols shown: Telnet, FTP, LPD, SNMP, TFTP, SMTP, NFS, X Window.)
TCP/IP Protocols
• HTTP
• HTTPS
• NTP
• SCP
• LDAP
• IGMP
• DNS
• POP
• DHCP
TCP/IP Protocols (cont)
• Telnet
• FTP
• SFTP
• TFTP
• SMTP
• POP
• IMAP4
• RDP
• SIP (VoIP)
• SNMP
• SSH
TCP Segment
(Figure: TCP segment format, labelled 24 bytes, drawn as two 16-bit columns (Bit 0–15 | Bit 16–31). Fields shown: Source Port (16) | Destination Port (16); Header Length (4) | Reserved (6) | Code bits (6) | Window (16); Options (0 or 32 if any); Data (varies).)
UDP Segment
(Figure: UDP segment format, labelled 6 Bytes. Fields shown: Length (16) | Checksum (16); Data.)
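As an added example, not taken from the slides or the textbook they follow, the code below parses and builds the two transport headers the figures above describe, using the field layout of RFC 793 (TCP) and RFC 768 (UDP). The sample segments are constructed for illustration: a TCP SYN from source port 1028 to Telnet port 23, the same pair the later port-number figure uses, and a UDP datagram to DNS port 53. The function names, the sample bytes and the 1460-byte MSS option are all assumptions made here, not values from the page.

```python
"""Parse and build TCP and UDP transport headers from raw bytes.

Added example (not from the slides). Field layout follows RFC 793 (TCP)
and RFC 768 (UDP). Every sample segment here is constructed, not captured.
"""
import struct

# TCP code bits, low-order bit first (RFC 793: URG ACK PSH RST SYN FIN).
TCP_FLAGS = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")


def parse_tcp(segment: bytes) -> dict:
    """Return the TCP header fields of `segment` plus options and payload.

    The fixed header is 20 bytes; the 4-bit header-length field counts
    32-bit words, so options extend the header up to 60 bytes.
    """
    if len(segment) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    (src_port, dst_port, seq, ack, offset_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (offset_flags >> 12) * 4      # top 4 bits, in 32-bit words
    reserved = (offset_flags >> 6) & 0x3F      # next 6 bits, must be zero
    code_bits = offset_flags & 0x3F            # low 6 bits: the flags
    # Reject a header-length field that points past the bytes we hold.
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"bad TCP header length {header_len}")
    flags = [name for i, name in enumerate(TCP_FLAGS) if code_bits & (1 << i)]
    return {
        "src_port": src_port, "dst_port": dst_port,
        "seq": seq, "ack": ack,
        "header_len": header_len, "reserved": reserved,
        "flags": flags, "window": window,
        "checksum": checksum, "urgent": urgent,
        "options": segment[20:header_len],
        "data": segment[header_len:],
    }


def parse_udp(datagram: bytes) -> dict:
    """Return the UDP header fields of `datagram` plus its payload.

    The UDP header is a fixed 8 bytes; Length covers header plus data.
    """
    if len(datagram) < 8:
        raise ValueError("UDP header needs 8 bytes")
    src_port, dst_port, length, checksum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError(f"bad UDP length {length}")
    return {
        "src_port": src_port, "dst_port": dst_port,
        "length": length, "checksum": checksum,
        "data": datagram[8:length],
    }


def build_tcp(src_port, dst_port, seq, ack, flags, window, data=b"", options=b""):
    """Build a TCP segment. Checksum is left 0: it needs the IP pseudo-header."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)   # pad options to 32-bit words
    header_len = 20 + len(options)
    code_bits = 0
    for name in flags:
        code_bits |= 1 << TCP_FLAGS.index(name)
    offset_flags = ((header_len // 4) << 12) | code_bits
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         offset_flags, window, 0, 0)
    return header + options + data


def build_udp(src_port, dst_port, data=b""):
    """Build a UDP datagram. Checksum 0 means 'not computed', allowed over IPv4."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(data), 0) + data


# Constructed sample: SYN from ephemeral port 1028 to Telnet (23), MSS option 1460.
SYN_SEGMENT = build_tcp(1028, 23, seq=1000, ack=0, flags=["SYN"], window=65535,
                        options=b"\x02\x04\x05\xb4")
# Constructed sample: a UDP datagram to DNS (53) carrying a 12-byte payload.
DNS_DATAGRAM = build_udp(40000, 53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00")

if __name__ == "__main__":
    print(parse_tcp(SYN_SEGMENT))
    print(parse_udp(DNS_DATAGRAM))
```

The length checks matter more than they look: a header-length or UDP Length field larger than the bytes actually present is the classic way a malformed packet pushes a parser into reading past its buffer, so both parsers refuse such input rather than slicing past the end.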
TCP and UDP
Port Number Examples
(Figure 6.6: Port numbers for TCP and UDP.)
(Figure: IP header format, labelled 20 bytes; fields shown include Source IP Address (32) and Options (0 or 32 if any).)
ICMP Example
(Figure: Host A and Host B connected through routers Lab_A and Lab_B on their e0 interfaces; the path is marked X where it fails, and an ICMP message is returned toward Host A.)
ARP Example
(Figure: host 10.1.1.1 resolves the IP address 10.1.1.2 to the Ethernet address 45:23:79:85:77:34.)
RARP Example
(Figure: a host with Ethernet address 45:23:79:85:77:34 asks "IP = ??" and is answered with the IP address 192.168.10.3.)
Data Encapsulation
(Figure: PDU at each layer. The Application, Presentation and Session layers hand down upper-layer data; at the Transport layer a TCP header is prepended to the upper-layer data to form a Segment.)
Protocol Data Units
(Figure: Segment = Source Port | Destination Port | … | Data; Packet = Source IP | Destination IP | Protocol | … | Segment; Bits = 1011011100011110000.)
Port Numbers at the Transport Layer
(Figure: Host A sends to Host Z; the segment carries source port (SP) 1028 and destination port (DP) 23, followed by ….)
Understanding Network Address Translation
Network Address Translation (NAT)
• IP address
  – Your computer’s virtual location on the network
• Port number
  – The services running on your computer
• You sometimes need to change this address and/or port
  – Everyone needs to share one IP address to the outside world: Source NAT / PAT
  – Incoming requests need to be redirected to a different IP address: Destination NAT
• NAT generally includes both IP address and port number
  – But it doesn’t have to
When Do We Use NAT?
• NAT is similar to Classless Inter-Domain Routing (CIDR)
  – The original intention for NAT was to slow the depletion of available IP addresses
• Situations for using NAT include:
  – You need to connect to the Internet and your hosts don’t have globally unique IP addresses.
  – You change to a new ISP that requires you to renumber your network.
  – You need to merge two intranets with duplicate addresses.
Where to configure NAT
Types of Network Address Translation
• Static NAT
  – One-to-one mapping
  – Requires one public IP address for each host
• Dynamic NAT
  – Maps private IPs from a pool of public IPs
  – No need for one-to-one mapping
  – Still needs enough public IPs to map all private hosts
• Overloading
  – Most popular type of NAT
  – Maps multiple private IPs to one public IP
  – Also known as Port Address Translation (PAT)
NAT Names
• Global
  o After NAT translations
  o Usually a public IP
• Local
  o Before NAT translations
  o Usually a private IP address
• Inside
  o Inside your network
  o Your source
• Outside
  o Outside your network
  o Your destination
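As an added example, not from the slides, the model below simulates the translation table of a NAT router for two of the types listed above: static NAT (one-to-one, address only) and overloading/PAT (many inside hosts behind one public address, told apart by the translated source port). It uses the slide's vocabulary: the inside-local address is what the host uses before translation, the inside-global address is what the outside sees after it. All addresses are constructed (RFC 1918 private space inside, RFC 5737 documentation ranges outside), and the class and function names are assumptions made for this example.

```python
"""Simulate static NAT and PAT (overloading) translation tables.

Added example (not from the slides). Addresses are constructed:
10.0.0.0/8 inside (RFC 1918), 203.0.113.0/24 and 198.51.100.0/24
outside (RFC 5737 documentation ranges).
"""
from dataclasses import dataclass, field
from itertools import count


@dataclass(frozen=True)
class Flow:
    """One direction of a connection as seen at a given point in the path."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class NatRouter:
    public_ip: str                                  # inside-global address used by PAT
    static: dict = field(default_factory=dict)      # inside-local IP -> inside-global IP
    pat_table: dict = field(default_factory=dict)   # translated port -> inside-local Flow
    reverse: dict = field(default_factory=dict)     # inside-local Flow -> translated port
    _ports: count = field(default_factory=lambda: count(1024))  # next free global port

    def outbound(self, flow: Flow) -> Flow:
        """Translate an inside-local flow into its inside-global form."""
        if flow.src_ip in self.static:
            # Static NAT: one-to-one, only the address changes; the port is untouched.
            return Flow(self.static[flow.src_ip], flow.src_port, flow.dst_ip, flow.dst_port)
        # Overloading/PAT: reuse the entry for a known flow, else allocate a new port.
        # Two inside hosts may use the same source port; the translated port keeps
        # them distinct on the single public address.
        if flow not in self.reverse:
            gport = next(self._ports)
            self.pat_table[gport] = flow
            self.reverse[flow] = gport
        return Flow(self.public_ip, self.reverse[flow], flow.dst_ip, flow.dst_port)

    def inbound(self, flow: Flow):
        """Translate a reply from outside back to the inside-local host.

        Returns None when nothing in the table matches: traffic nobody inside
        asked for has no entry, which is why PAT drops unsolicited inbound packets.
        """
        for local_ip, global_ip in self.static.items():
            if flow.dst_ip == global_ip:
                return Flow(flow.src_ip, flow.src_port, local_ip, flow.dst_port)
        if flow.dst_ip == self.public_ip:
            entry = self.pat_table.get(flow.dst_port)
            # The reply must come from the outside host the inside host talked to.
            if entry and entry.dst_ip == flow.src_ip and entry.dst_port == flow.src_port:
                return Flow(flow.src_ip, flow.src_port, entry.src_ip, entry.src_port)
        return None


def demo() -> dict:
    """Two inside hosts through PAT, one through static NAT, plus a reply and a stray."""
    nat = NatRouter(public_ip="203.0.113.1", static={"10.0.0.50": "203.0.113.50"})
    server = ("198.51.100.10", 443)          # outside-global destination (constructed)
    a = nat.outbound(Flow("10.0.0.2", 51000, *server))
    b = nat.outbound(Flow("10.0.0.3", 51000, *server))   # same source port as host A
    s = nat.outbound(Flow("10.0.0.50", 51000, *server))  # statically mapped host
    reply_to_b = nat.inbound(Flow(server[0], server[1], b.src_ip, b.src_port))
    stray = nat.inbound(Flow("198.51.100.99", 12345, "203.0.113.1", 60000))
    return {"a": a, "b": b, "static": s, "reply_to_b": reply_to_b, "stray": stray}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running demo() shows the point of overloading: hosts 10.0.0.2 and 10.0.0.3 both pick source port 51000, yet leave the router as 203.0.113.1 with distinct ports 1024 and 1025, and the reply addressed to port 1025 is steered back to 10.0.0.3 alone. The statically mapped host keeps its own public address and original port, and the stray packet to an unused port matches nothing and is discarded.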
How NAT Works
How PAT Works
Summary
• Summary
• Exam Essentials Section
• Written Labs
• Review Questions