ARP
- Address Resolution Protocol
- how host learns MAC address of other network nodes
- helps build correct IP/MAC binding
How does ARP work?
If host A wants to send traffic to host B and only knows its IP address, it builds an ARP request with B’s IP and broadcast MAC address. Switches forward to all hosts, and B responds with ARP reply and says “that’s my IP! here is my MAC address!”
How to check ARP cache?
Windows - arp -a
Mac - arp
Linux - ip neighbour
Hubs
- used before switches
- same purpose, diff functionality
- simple repeaters that forward packets
- do NOT perform header check
TCP
- Transmission Control Protocol
- connection-oriented
- guarantee delivery
- ex: email, FTP, web browser
UDP
- User Datagram Protocol
- connectionless
- does not guarantee packet delivery
- faster than TCP
- media/streaming/VoIP
Ports
used to identify a single network process on a machine
How do you correctly address a process on a network?
:
127.0.0.0:8080
Daemon
program that runs a service
Where are the source and destination port located?
Transport Layer Protocol/TCP or UDP header
How to check listening ports and TCP connections?
- Linux: netstat -tunp
- Windows: netstat -ano
What are the header fields involved in a TCP 3 way handshake?
- sequence number
- acknowledgment number
- SYN and ACK flags
What are the steps in the 3way handshake for?
synchronize the sequence and acknowledgement numbers between the server and clinet
What is the first step of the TCP handshake?
client sends TCP packet to server w/ SYN flag enabled and random sequence number
What is the 2nd step of the TCP handshake?
Server replies with packet: SYN and ACK flag set, random sequence number
What is the 3rd/final step of TCP handshake?
Client sends ACK packet
