Download as pdf or txt
Download as pdf or txt
You are on page 1of 7


Frames are also referred to as Protocol Data Units

destination and source MAC addresses Preamble for sequencing and timing Start of frame delimiter Length and type of frame Frame check sequence to detect transmission errors

The size of Ethernet frames is limited to a maximum of 1518 bytes and a minimum size of 64 bytes.

Ethernet Frame
Preamble SFD Start Frame Delimiter MAC Address Destination MAC Address Source Length/Type Data Encapsulation FCS Frame Check Sequence

The destination MAC can be unicast, multicast or broadcast.

46 - 1500

FCS is created by the device that sends data and recalculated by the destination device to check for damaged frames.

Define pattern of Marks the end of alternating 1 and 0 the timing bits used to information and synchronize timing. start of the frame.

The lenght indicate the number of bytes of data that The source MAC is follows this field. unicast. A Type value indicates which protocol will receive the data.

The broadcast MAC address is actually a 48-bit address made up of all ones.

The broadcast MAC address in hexadecimal notation is FFFF.FFFF.FFFF. Each F in the hexadecimal notation represents four ones in the binary address.

address resolution protocol

The sending host can use an IP protocol called ARP to discover the MAC address of any host on the same local network.

baseline or document network performance.

The IP packet is sometimes referred to as a datagram.

ISPs obtain blocks of IP addresses from a local, national or regional Internet registry (RIR).

Every ISP has a control facility for their network, known as the Network Operations Center (NOC).

A POP is the connection point between the ISP's network and the particular geographical region that the POP is servicing.

using DSL technology to connect, the ISP must have a DSL Access Multiplexer (DSLAM) 4.3.2

cable modems to connect, the ISP must have a Cable Modem Termination System (CMTS).

The TIA/EIA organization defines two different patterns, or wiring schemes, called T568A and T568B. 4.5.2

Two devices directly connected and using different pins for transmit and receive are known as unlike devices.

Devices that are directly connected and use the same pins for transmit and receive, are known as like devices.

Transmission Control Protocol (TCP)

is the transport protocol that manages the individual conversations between web servers and web clients. TCP formats the HTTP messages into segments to be sent to the destination host. It also provides flow control and acknowledgement of packets exchanged between hosts.

Multicast Experimental

APIPA allocates IP addresses in the private range to Also Link-Local Addresses

In APIPA, all devices use the default network mask

Automatic Private IP Addressing (APIPA) assigns the system an address from the address range and configures the subnet mask ( However, it doesnt configure the system with a default gateway address. As a result, communication is limited to the local network. Loopback Although only the single address is used, One such reserved addresses to are reserved. address is the IPv4 Any address within this block will loop back within the loopback address local host.

Default Route

IPv4 default route is The default route is used as a "catch all" route when a more specific route is not available. The use of this address also reserves all addresses in the - ( /8) address block.

Port Numbers
Ports are broken into three categories and range in number from 1 to 65,535. Ports are assigned and managed by an organization known as the Internet Corporation for Assigned Names and Numbers (ICANN).

The address block to ( /24) is set aside for teaching and learning purposes. TEST-NET Addresses You may often find these addresses used with the domain names or in RFCs, vendor, and protocol documentation. Ping uses a Layer 3 protocol that is a part on the TCP/IP suite called Internet Control Message Protocol (ICMP). Ping uses an ICMP Echo Request datagram. Round Trip Time (RTT) is the time a packet takes to reach the remote host and for the response from the host to return with tracer command. An asterisk (*) is used to indicate a lost packet.

Well-Known Ports

Registered Ports

Dynamic, Private or Ephymeral Ports

Destination ports that are associated with Ports 1024 through 49151 can be used as Ports 49152 through 65535, often used as common network applications are either source or destination ports. These source ports. These ports can be used by identified as well-known ports. These can be used by organizations to register any application. ports are in the range of 1 to 1023. specific applications such as IM applications.

The TCP/IP model is a protocol model because it describes the functions that occur at each layer of protocols within the TCP/IP suite.

The primary purpose of a reference model is to aid in clearer understanding of the functions and process involved.

A DNS server provides the name resolution using the name daemon, which is often called named, (pronounced namedee).

Requests for Comments (RFCs). Publicly-available set of documents contain technical and organizational documents about the Internet, including the technical specifications and policy documents produced by the Internet Engineering Task Force (IETF). The form that a piece of data takes at any layer is called a Protocol Data Unit (PDU). Data Segment Packet Frame Bits The general term for the PDU used at the Application layer. Transport Layer PDU. Internetwork Layer PDU. Network Access Layer PDU. A PDU used when physically transmitting data over the medium.

The DNS server stores different types of resource records used to resolve names. These records contain the name, address, and type of record.

International Organization for Standardization (ISO) Domain Name Service Protocol (DNS). Port TCP/UDP 53, Hypertext Transfer Protocol (HTTP). Port TCP 80, Simple Mail Transfer Protocol (SMTP). Port TCP 25, Telnet, a terminal emulation protocol. Port TCP 23, File Transfer Protocol (FTP). Port TCP 20, 21, DHCP Port UDP 56.

Some of these Record Types are: A an end device address NS an authoritative name server CNAME the canonical name (or Fully Qualified Domain Name) for an alias; used when multiple services have the single network address but each service has its own entry in DNS. MX mail exchange record; maps a domain name to a list of mail exchange servers for that domain

If a given server has resource records that correspond to its level in the domain hierarchy, it is said to be authoritative for those records.

The Application layer, is the layer that provides the interface between the applications and the underlying network over which our messages are transmitted.

GET is a client request for data. A web browser sends the GET message to request pages from a web server.

E-mail Server Processes - MTA and MDA 3.3.3

Application Layers

The Presentation Layer Coding and conversion of Application layer data. Compression of the data. Encryption of the data.
The Session Layer, create and maintain dialogs between source and destination applications. Handles the exchange of information to initiate dialogs, keep them active, and to restart sessions that are disrupted or idle for a long period of time.

Hypertext Transfer Protocol (HTTP)

POST and PUT are used to send messages that upload data to the web server.

The Mail Transfer Agent (MTA) process is used to forward email.

If the mail is addressed to When people compose ea user whose mailbox is mail messages, they use a on the local server, the Mail User Agent (MUA), mail is passed to the or e-mail client. MDA.

PUT uploads resources or content to the web server.

The Server Message El protocolo SMB describe el establish a long term Block (SMB) is a acceso al sistema de archivos y connection to client/server file la manera en que los clientes servers. sharing protocol. hacen solicitudes de archivos.

connection using Telnet is called a Virtual Terminal (VTY) session, or connection.

For secure communication across the Internet, the HTTP Secure (HTTPS) protocol is used for accessing or posting web server information.

The LINUX and UNIX operating systems also provide a method of sharing resources with Microsoft networks using a version of SMB called SAMBA.

User Datagram Protocol (UDP)

UDP is a simple, connectionless protocol, described in RFC 768. The pieces of communication in UDP are called datagrams. UDP segment only has 8 bytes of overhead.

The UDP PDU is referred to as a datagram, although the terms segment and datagram are sometimes used interchangeably to describe a Transport layer PDU.

Transmission Control Protocol (TCP)

TCP is a connection-oriented protocol, described in RFC 793. TCP segment has 20 bytes of overhead.

La combinacin del nmero de puerto de la Por ejemplo, una solicitud de pgina Web capa de Transporte y de la direccin IP de la HTTP que se enva a un servidor Web capa de Red asignada al host identifica de (puerto 80) y que se ejecuta en un host manera exclusiva un proceso en particular que con una direccin IPv4 de Capa 3 se ejecuta en un dispositivo host especfico. Esta ser destinada al socket combinacin se denomina socket. Fields within the TCP segment header, there are six 1-bit fields that contain control information used to manage the TCP processes. URG - Urgent pointer field significant ACK - Acknowledgement field significant PSH - Push function RST - Reset the connection SYN - Synchronize sequence numbers FIN - No more data from sender

IPv4 basic characteristics: Connectionless - No connection is established before sending data packets. Best Effort (unreliable) - No overhead is used to guarantee packet delivery. Media Independent - Operates independently of the medium carrying the data.

The maximum size of PDU that each medium can transport. This characteristic is referred to as the Maximum Transmission Unit (MTU).

In some cases, an intermediary device - usually a router will need to split up a packet when forwarding it from one media to a media with a smaller MTU. This process is called fragmenting the packet or fragmentation.

IP Destination Address 32-bit binary value. IP Source Address 32-bit binary value. Time-to-Live (TTL) is an 8-bit binary value that indicates the remaining "life" of the packet. Protocol 8-bit binary value indicates the data payload type that the packet is carrying and enables to pass the data to the appropriate upper-layer protocol. Type-of-Service 8-bit binary value that is used to determine the priority of each packet. Fragment Offset and the MF flag is used to reconstruct the packet when it arrives at the destination host. The fragment offset field identifies the order in which to place the packet fragment in the reconstruction. Don't Fragment (DF) flag is a single bit in the Flag field that indicates that fragmentation of the packet is not allowed. CH 1, 5.1.7 CCNA

Protocolos de enrutamiento comunes se incluyen: protocolo de informacin de enrutamiento (RIP), protocolo de enrutamiento de gateway interior mejorado (EIGRP) Open Shortest Path First (OSPF).

Internet Assigned Numbers Authority (IANA) (

LACNIC (Regional AfriNIC (African APNIC (Asia Pacific ARIN (American Latin-American and Network Network Registry for Internet Caribbean IP Information Centre) Information Centre) Numbers) Address Registry)

RIPE NCC (Reseaux IP Europeans)

ICMP is the messaging protocol for the TCP/IP suite. ICMP provides control and error messages and is used by the ping and traceroute utilities. Ch1-6.6.5
ICMP messages that may be sent include: Host confirmation Unreachable Destination or Service Time exceeded Route redirection Source quench

Among the Destination Unreachable codes are: 0 = net unreachable 1 = host unreachable 2 = protocol unreachable 3 = port unreachable

Logical Link Control (LLC)

places information in the frame that identifies which Network layer protocol is being used for the frame.

Engineering Task Force (IETF)

Media Access Control (MAC)

Addresses the frame and marks the beginning and the end of the frame

Request for Comments (RFCs)

Physical layer technologies are defined by organizations such as: The International Organization for Standardization (ISO) The Institute of Electrical and Electronics Engineers (IEEE) The American National Standards Institute (ANSI) The International Telecommunication Union (ITU) The Electronics Industry Alliance/Telecommunications Industry Association (EIA/TIA) National telecommunications authorities such as the Federal Communication Commission (FCC) in the USA.

Flow control field (FCS) Used to start and stop traffic over the media

comprobacin de redundancia cclica (CRC)

MDI (interfaz dependiente del medio) utiliza un diagrama de pines normal de Ethernet. Los pins 1 y 2 se utilizan como transmisores y los pins 3 y 6 como receptores. Dispositivos como computadoras, servidores o routers tendrn conexiones MDI.
MDIX (Interfaz cruzada dependiente del medio). Los cables MDIX intercambian los pares transmisores internamente.

channel service unit/data service unit (CSU/DSU) Types of WAN connections EIA TIA 232 EIA TIA 449 V.35 X.21 EIA 530

Data Communications Equipment (DCE) - A device that supplies the clocking services to another device. Typically, this device is at the WAN access provider end of the link. (Femail Connector) Data Terminal Equipment (DTE) - A device that receives clocking services from another device and adjusts accordingly. Typically, this device is at the WAN customer or user end of the link. (Male Connector)

The Ping Command Ping uses the ICMP protocol to check for connectivity. Ping command moves from Layer 3 of the OSI model to Layer 2 and then Layer 1.

Testing the Loopback The ping command is used to verify the internal IP configuration on the local host by using the ping command on a reserved address called the loopback ( This verifies the proper operation of the protocol stack from the Network layer to the Physical layer - and back - without actually putting a signal on the media. Testing Router Connectivity As with an end device, we can verify the Layer 3 connectivity with the ping and traceroute commands. In the Router 1 figure, you can see sample outputs from a ping to a host in the local LAN and a trace to a remote host across the WAN. Testing the Interface Assignement In this case ping the address asigned to the NIC in the network. This test verifies that the NIC driver and most of the NIC hardware are working properly. It also verifies that the IP address is properly bound to the NIC. ch1_11.3.2.2

IOS Ping Indicators A ping from the IOS will yield to one of several indications for each ICMP echo that was sent. The most common indicators are: ! - indicates receipt of an ICMP echo reply . - indicates a timed out while waiting for a reply U - an ICMP unreachable message was received

Testing Sequence Test 1: Local Loopback - Successful Test 2: Local NIC - Successful Test 3: Ping Local Gateway - Successful Test 4: Ping Remote Host - Failure Test 5: Traceroute to Remote Host - Failure at First Hop Test 6: Examine Host Configuration for Proper Local Gateway - Incorrect PC ping, tracert CLI ping, traceroute Next HOP find with #sh ip route

You might also like