Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
40 Cards in this Set
- Front
- Back
packets are layered by_____, with the lowest layers coming ____.
|
protocol
first |
|
When a host’s network card receives a packet, it first checks to see if it is supposed ________.
|
to accept the packet.
|
|
This is done by looking at the destination addresses located in the
________. |
packet headers
|
|
If the network card thinks that it should accept the packet, it keeps a copy of it in its memory and generates
an _________. |
interrupt to the operating system.
|
|
Upon receiving this interrupt, the operating system calls on the device driver of the ______ to process the new packet.
|
network interface card (NIC)
|
|
The device driver copies the
packet from the NIC’s memory to the system’s memory. Once it has a complete copy, it can examine the packet and ______. |
determine what type of protocol is being used.
|
|
Note that the stack does not begin processing the packet immediately. This is because
the operating system may be doing something important that it needs to finish before _______. |
letting the stack process the packet.
|
|
Since it is possible for the device driver to receive
many packets from the NIC quickly, a _____ exists between the driver and the stack software. The _____ simply keeps track of the order in which packets arrive and notes where they are in memory. When the stack is ready to process those packets, it grabs them from the _____ in the appropriate order. |
queue
queue queue |
|
As each layer processes the packet, appropriate headers are removed. In the case of a
TCP/IP packet over Ethernet, the driver will strip the _____ headers, IP will strip the _____, and TCP will strip the ______. This will leave just the data that needs to be delivered to the appropriate application. |
Ethernet
IP header TCP headers |
|
The TCP/IP model is an architectural model that helps describe the components of
the TCP/IP protocol suite. It is also known by other names: |
Internet reference model,
Department of Defense (DoD) ARPANET reference model. |
|
The ISO’s OSI (Open Systems Interconnection) model is a well-known reference
model for describing the various abstraction layers in networking. The OSI model has seven layers: |
Physical layer,
Data Link layer, Network layer, Transport layer, Session layer, Presentation layer, Application layer. |
|
This Layer describes the actual medium on which the data flows. In a
network infrastructure, a pile of Cat 5 Ethernet cable and the signaling protocol are considered ______ |
the Physical layer.
|
|
____ used to describe the Ethernet protocol.The difference
between the OSI’s view of Layer 2 and Ethernet is that Ethernet only concerns itself with sending frames and providing a valid checksum for them. |
Ehternet
|
|
The purpose of the checksum
is to allow the receiver to validate whether the data arrived as it was sent. This is done by computing the ______ of the packet contents and comparing them against the checksum that was provided by the sender. |
Cyclic Redundancy Check (CRC)
|
|
If the receiver gets
a corrupted frame (that is, the checksums do not match), the packet is dropped here. From Linux’s point of view, it should not receive a packet that the _______ knows is corrupted. |
network interface card
|
|
OSI model formally specifies that Layer 2 should handle the automatic
retransmission of a corrupted packet, Ethernet does not do this. Instead, Ethernet relies on _____to handle retransmission. |
higher-level protocols (TCP in this case)
|
|
Ethernet’s primary responsibility is simple:
|
Get the packet from one host on a local
area network (LAN) to another host on a LAN. |
|
_____ the layer at which the Internet Protocol (IP) exists.
IP is wiser to the world around it than Ethernet. |
IP or Network Layer
|
|
_____ understands how to communicate
with hosts inside the immediate LAN as well as with hosts that are not directly connected to you. This means that an IP packet can make its way to any other host, so long as a path (route) exists to the destination host. |
the IP
|
|
The reason why ____ does not provide any more features than those of a simple
transport protocol is that it was meant to be a foundation for other protocols to rest on. |
IP
|
|
Transmission Control Protocol (TCP) and User Datagram
Protocol (UDP) are mapped to the ______. |
Transport layer.
|
|
______ actually maps to this OSI layer
quite well by providing a reliable transport for one session |
TCP
|
|
In addition to sessions, _____ handles the ordering and retransmission of packets. If
a series of packets arrives out of order, the stack will put them back into order before passing them up to the application. If a packet arrives with any kind of problem or goes missing altogether, ____ will automatically request the sender to retransmit. |
TCP
|
|
Finally, ____
connections are also bidirectional. This means that the client and server can send and receive data on the same connection. |
TCP
|
|
____, by comparison, doesn’t map quite as nicely to OSI. While____ understands the
concept of sessions and is bidirectional, it does not provide reliability. In other words, _____ won’t detect lost or duplicate packets the way TCP does. |
UDP
|
|
Technically, all applications that
use TCP or UDP sit here; however, the marketplace generally calls _____ traffic Layer 7. |
Hypertext Transport
Protocol (HTTP) |
|
______ is a bit of an odd bird and is not commonly associated
with any layer. It sits squarely between Layer 4 (TCP) and Layer 7 (Application, typically HTTP), and can be used to encrypt arbitrary TCP streams. |
Secure Sockets Layer (SSL)
|
|
In general, ____ is not
referred to as a layer. You should note, however, that _____L can encrypt arbitrary TCP connections, not just HTTP. |
SSL
|
|
Many protocols, like Post Office Protocol (POP) and Internet
Message Access Protocol (IMAP), offer _____ as an encryption option, and the emergence of SSL-virtual private network (VPN) technology shows how SSL can be used as an arbitrary tunnel. |
SSL
|
|
To date, there is no
framing protocol for ____ that runs on top of TCP directly |
XML
|
|
_____ data uses existing
protocols, like HTTP, Dual Independent Map Encoding (DIME), and Simple Mail Transfer Protocol (SMTP).(DIME was created specifically for transmitting ____.) |
XML
|
|
Every ____ packet contains a type that tells the recipient what the nature of
the message is. The most popular type is “Echo-Request,” which is used by the infamous ping program. When a host receives the ____ “Echo-Request” message, it responds with an ___ “Echo-Reply” message. This allows the sender to confirm that the other host is up, and since we can see how long it takes the message to be sent and replied to, we get an idea of the latency of the network between the two hosts. |
Internet Control Message Protocol (ICMP)
|
|
Layer 8 typically refers to the _____
|
“political” or “financial” layer,
JOKE!! HAHAHA |
|
_____ contains three entries: the destination address, the source
address, and the packet’s protocol type. Ethernet addresses—also called Media Access Control (MAC) addresses |
Ethernet header
|
|
[root@serverA ~]# tcpdump -e
does what? |
Shows Ethernet headers in network
|
|
This command does what:
[root@serverA ~]# tcpdump -e -n |
where the -n option tells tcpdump to not do name resolution.
|
|
Explain:
[root@serverA:~]# tcpdump -v -t -n -c 2 ip |
-v shows everthing in tcdump ip header
-c you can ask tcdump to stop after fixed number of packets -n tells tcdump not to remane resolution -t time stamp parameter |
|
TCP flag:
urg ack psh rst syn fin |
urg - implies there is urgent data in package
ack - Acknowledgment of successfully received data. psh - Request to immediately process any received data. rst - Immediately terminates the connection. syn - Request to start a new connection. fin - Request to finish a connection. |
|
____ supports the concept of a connection
|
TCP
|
|
____ goes through a three-way handshake for every connection that it opens up.
The first packet is sent by the host that wants to open the connection with a server. The second packet is sent from the server to the client. This packet contains two TCP flags set: SYN and ACK. the third packet goes from the client to the server. It has only the ACK bit set in the TCP flags for the purpose of acknowledging to the server that it received its SYN |
TCP
|