CompTIA Network+ Guide to Networks, Module 4: Protocols

CompTIA Network+ Guide to Networks, Ninth Edition - Study Notes

Module Overview

  • Title: CompTIA Network+ Guide to Networks, Ninth Edition Module 4: Protocols
  • Author: Jill West, CompTIA Network+ Guide to Networks, 9th Edition. © 2022 Cengage. All Rights Reserved.
  • Module Objectives: By the end of this module, you should be able to:
    • Describe the functions of core TCP/IP protocols
    • Identify how each protocol's information is formatted in a TCP/IP message
    • Secure network connections using encryption protocols
    • Configure remote access connections between devices
    • Employ various TCP/IP utilities for network discovery and troubleshooting

TCP/IP Core Protocols

Overview
  • TCP/IP is a suite of protocols including:
    • TCP
    • IP (IPv4 and IPv6)
    • UDP
    • ARP
    • And many others
  • Each TCP/IP protocol adds a header to the data inherited from the layer above it.
Data Encapsulation Process
  1. Application Layer (Layers 7, 6, and 5):
    • Generates data and instructions known as payload from applications running on the source host.
  2. Transport Layer (Layer 4):
    • Adds a header to the payload, including a port number to identify the receiving application.
  3. Network Layer (Layer 3):
    • Adds its own header and converts the data into a packet.
  4. Data Link Layer (Layer 2):
    • The packet is encapsulated with its own header and trailer creating a frame.
  5. Physical Layer (Layer 1):
    • The NIC receives the frame and places the transmission on the network.
Receiving Host Process
  • The receiving host decapsulates the message at each layer in reverse order and presents the payload to the receiving applications.
  • During transit, transmissions may pass through a number of connectivity devices.
  • Connectivity devices are specialized devices allowing connections and data exchanges between two or more networks or segments of one network.
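
The encapsulation and decapsulation steps above, worked through for a single UDP message. This is an added example, not material from the textbook; the addresses, ports and MAC values are constructed from documentation ranges, and the function names are illustrative.

```python
import socket, struct, zlib

def inet_checksum(data: bytes) -> int:
    """One's-complement checksum used by IPv4 and UDP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(payload, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    # Layer 4: UDP header (source port, destination port, length, checksum)
    udp_len = 8 + len(payload)
    pseudo = src + dst + struct.pack("!BBH", 0, 17, udp_len)
    header = struct.pack("!HHHH", sport, dport, udp_len, 0)
    csum = inet_checksum(pseudo + header + payload) or 0xFFFF
    datagram = header[:6] + struct.pack("!H", csum) + payload
    # Layer 3: IPv4 header (protocol 17 = UDP) turns the datagram into a packet
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0, 64, 17, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    packet = (ip + datagram).ljust(46, b"\x00")      # pad to the 46-byte minimum
    # Layer 2: 14-byte header + 4-byte FCS trailer = the 18 bytes of overhead
    body = bytes.fromhex(dst_mac) + bytes.fromhex(src_mac) + b"\x08\x00" + packet
    return body + struct.pack("<I", zlib.crc32(body))

def decapsulate(frame):
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame damaged in transit")
    packet = body[14:]                               # strip the Ethernet header
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    datagram = packet[ihl:total_len]                 # drops the Ethernet padding
    sport, dport, udp_len, _ = struct.unpack("!HHHH", datagram[:8])
    pseudo = packet[12:20] + struct.pack("!BBH", 0, 17, udp_len)
    if inet_checksum(pseudo + datagram) != 0:
        raise ValueError("bad UDP checksum")
    return {"src_ip": socket.inet_ntoa(packet[12:16]), "src_port": sport,
            "dst_port": dport, "payload": datagram[8:]}

# Constructed sample values (documentation address ranges).
FRAME = encapsulate(b"hello", 40000, 53, "192.0.2.10", "192.0.2.53",
                    "00005e005301", "00005e005335")
```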

TCP (Transmission Control Protocol)

Overview
  • TCP operates in the Transport layer of the OSI model.
Characteristics of TCP
  1. Connection-oriented:
    • Ensures that a connection or session is established, using a three-step process called a three-way handshake.
  2. Sequencing & Checksums:
    • Sends a checksum (a character string) and a sequence number with each segment, which the destination host checks.
  3. Flow Control:
    • Gauges the rate of transmission based on the recipient's data acceptance capacity.
Three-Way Handshake Process
  • Establishes a session prior to transmitting actual data:
    1. Step 1: A request for connection (SYN).
    2. Step 2: Response to request (SYN/ACK).
    3. Step 3: Connection establishment (ACK).
  • Sequence numbers increase based on bits included in each received segment to confirm the correct length of the message received.
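
The three steps above, checked against a list of observed segments so that connections which never finish the handshake stand out. This is an added example, not material from the textbook; the segment tuples are constructed, and the state names and function name are illustrative.

```python
MOD = 2 ** 32  # sequence numbers are 32-bit values and wrap around

def handshake_states(segments):
    """Track each client->server connection through SYN, SYN/ACK, ACK."""
    conns = {}
    for src, dst, flags, seq, ack in segments:
        if flags == "SYN":
            # Step 1: client asks for a connection and announces its first sequence number
            conns[(src, dst)] = {"state": "SYN_SENT", "client_isn": seq}
        elif flags == "SYN/ACK" and (dst, src) in conns:
            # Step 2: server must acknowledge client's number + 1
            c = conns[(dst, src)]
            if c["state"] == "SYN_SENT" and ack == (c["client_isn"] + 1) % MOD:
                c.update(state="SYN_RECEIVED", server_isn=seq)
        elif flags == "ACK" and (src, dst) in conns:
            # Step 3: client must acknowledge server's number + 1
            c = conns[(src, dst)]
            if (c["state"] == "SYN_RECEIVED"
                    and seq == (c["client_isn"] + 1) % MOD
                    and ack == (c["server_isn"] + 1) % MOD):
                c["state"] = "ESTABLISHED"
    return {key: c["state"] for key, c in conns.items()}

# Constructed segments: (source, destination, flags, sequence number, acknowledgment number)
SEGMENTS = [
    # Complete handshake
    ("192.0.2.10:50000", "198.51.100.5:443", "SYN", 1000, 0),
    ("198.51.100.5:443", "192.0.2.10:50000", "SYN/ACK", 7000, 1001),
    ("192.0.2.10:50000", "198.51.100.5:443", "ACK", 1001, 7001),
    # Client never sends the final ACK (sequence number wraps to 0)
    ("192.0.2.11:50001", "198.51.100.5:443", "SYN", 4294967295, 0),
    ("198.51.100.5:443", "192.0.2.11:50001", "SYN/ACK", 9000, 0),
    # SYN that the server never answers
    ("192.0.2.12:50002", "198.51.100.5:443", "SYN", 5000, 0),
]

STATES = handshake_states(SEGMENTS)
HALF_OPEN = sorted(k[0] for k, s in STATES.items() if s != "ESTABLISHED")
```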

UDP (User Datagram Protocol)

Characteristics
  • UDP is an unreliable, connectionless protocol.
  • No three-way handshake performed.
  • UDP does not guarantee data delivery, nor does it provide error checking, sequencing, or flow control.
  • UDP is more efficient than TCP for applications like live audio/video transmissions where speed is prioritized over reliability.
UDP Header Fields
  • Contains four fields:
    • Source port
    • Destination port
    • Length
    • Checksum (optional in IPv4, required in IPv6)

IP (Internet Protocol)

Overview
  • Operates at the Network layer of the OSI model.
  • Specifies delivery destination and identifies source and destination IP addresses.
  • Enables TCP/IP to traverse more than one LAN segment and network types through a router.
Characteristics
  • IP is an unreliable, connectionless protocol, meaning it does not guarantee delivery and no session establishment occurs before data transmission.
  • Relies on TCP to reorder messages and ensure they reach the correct application on the receiving host.
IPv4 vs. IPv6
  • IPv6 uses a different packet format that accommodates longer addresses and has no Fragment offset field; packet sizes are adjusted as needed to fit network requirements.

ICMP (Internet Control Message Protocol)

Role
  • A core network layer protocol reporting data delivery success or failure.
Functions of ICMP
  • Reports conditions such as:
    • Network congestion
    • Data failing to reach its destination
    • Data discarded due to TTL expiration.
  • Indicates transmission failures but does not correct errors.
  • ICMPv6 performs functions of ICMP and ARP for IPv6 networks.

ARP (Address Resolution Protocol) on IPv4 Networks

Overview
  • Works with IPv4 to discover the MAC address of nodes on the local network and maintains a mapping database of IPs to MAC addresses.
ARP Table Entries
  1. Dynamic:
    • Created via ARP requests.
  2. Static:
    • Manually entered via ARP utility (arp command).
Viewing ARP Table
  • Command: arp -a
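
A way to review the table that arp -a prints: separate dynamic from static entries and list any MAC address that several dynamically learned IP addresses resolve to, which is worth checking against what the network is expected to contain. This is an added example, not material from the textbook; it assumes the Windows output layout, and the sample table is constructed from documentation address ranges.

```python
import re
from collections import defaultdict

# Constructed sample in the Windows `arp -a` layout (not captured from a real host).
SAMPLE = """\
Interface: 192.0.2.10 --- 0xb
  Internet Address      Physical Address      Type
  192.0.2.1             00-00-5e-00-53-01     dynamic
  192.0.2.20            00-00-5e-00-53-14     dynamic
  192.0.2.21            00-00-5e-00-53-14     dynamic
  192.0.2.30            00-00-5e-00-53-1e     static
  192.0.2.255           ff-ff-ff-ff-ff-ff     static
  255.255.255.255       ff-ff-ff-ff-ff-ff     static
"""

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(dynamic|static)\s*$",
    re.IGNORECASE,
)

def parse_arp_table(text):
    """Return (ip, mac, type) tuples; header and interface lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            ip, mac, kind = m.groups()
            entries.append((ip, mac.lower(), kind.lower()))
    return entries

def shared_macs(entries):
    """MACs that more than one dynamically learned IP resolves to.

    Static rows are ignored: broadcast entries legitimately share
    ff-ff-ff-ff-ff-ff and would otherwise be reported every time.
    """
    by_mac = defaultdict(set)
    for ip, mac, kind in entries:
        if kind == "dynamic":
            by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

ENTRIES = parse_arp_table(SAMPLE)
FINDINGS = shared_macs(ENTRIES)
```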

NDP (Neighbor Discovery Protocol)

Overview
  • Used by IPv6 devices for neighbor learning through automatic discovery.
Message Types
  • Includes:
    • RA (Router Advertisement)
    • RS (Router Solicitation)
    • Redirect
    • NS (Neighbor Solicitation)
    • NA (Neighbor Advertisement)

Ethernet

Overview
  • The most important data link layer standard, efficient for a variety of media, crucial for modern LANs.
Ethernet Frame Structure
  • Adds header and trailer to create a frame:
    • Frame size: the header and FCS together take 18 bytes, and the data portion is 46 to 1500 bytes.
  • MTU (Maximum Transmission Unit) defines the largest size allowed for packets.

Encryption Protocols

Overview
  • Uses a cipher to scramble data into an unreadable format, enhancing privacy.
Evaluation Benchmarks
  • Evaluated based on:
    • Confidentiality
    • Integrity
    • Availability (CIA triad)

Key Encryption

Overview
  • Involves a key, a random string that an algorithm weaves into the original data to form ciphertext.
Categories
  1. Private Key Encryption:
    • Uses a single key communicated securely.
  2. Public Key Encryption:
    • Uses a public key that can be safely obtained by anyone.

IPsec (Internet Protocol Security)

Overview
  • An encryption protocol suite for securing TCP/IP transmissions.
Steps for Secure Connections
  1. IPsec initiation
  2. Key management
  3. Security negotiations
  4. Data transfer
  5. Termination
Operation Modes
  • Transport Mode
  • Tunnel Mode

SSL (Secure Sockets Layer) and TLS (Transport Layer Security)

Overview
  • Both encrypt TCP/IP transmissions, often referred to together (SSL/TLS).
Connection Establishment
  • Each session is defined by a unique agreement on encryption techniques, established through an SSL handshake, which is similar to a TCP three-way handshake.

Remote Access Protocols

Overview
  • Allows connecting to remote servers or networks using Remote Access Servers (RAS).
Types of Remote Access
  1. Remote File Access
    • FTP (File Transfer Protocol):
      • Includes FTPS (secure FTP with SSL), SFTP (secure file transfer over SSH), and TFTP (simple protocol with no authentication).
  2. Terminal Emulation
    • Examples: Telnet, SSH, Remote Desktop, VNC, TeamViewer.
  3. VPN (Virtual Private Network)
    • Encrypted connections creating private tunnels.

VPNs (Virtual Private Networks)

Overview
  • Encrypted connections referred to as tunnels, classified into models:
  1. Site-to-site VPN
  2. Client-to-site VPN
  3. Host-to-host VPN
Tunneling Protocols
  • Encapsulate higher-layer protocols to secure data. Common tunneling protocols include:
    • L2TP (Layer 2 Tunneling Protocol)
    • GRE (Generic Routing Encapsulation)
    • OpenVPN
    • IKEv2
Cisco Protocols
  • mGRE (multipoint GRE) for multiple destinations, and DMVPN (Dynamic Multipoint VPN) for dynamic tunnel creation.

Remote Access Policies

Requirements
  • Ensure devices are updated and secure.
  • Use strong authentication measures, encrypt storage, secure data, and control remote session access.

Troubleshooting Network Issues

Utilities
  1. netstat:
    • Displays TCP/IP statistics and established connections.
  2. tracert (Windows) / traceroute (Linux, UNIX, OS X):
    • Traces path through networks, identifying hops.
  3. tcpdump:
    • Packet sniffer for capturing traffic on networks.
Common Problems and Solutions
  • Duplicate MAC Addresses:
    • Use switches to detect and fix address conflicts.
  • Hardware Failures:
    • Use diagnostics tools like tracert and ping for connectivity tests.

Knowledge Check Activities

Questions
  1. Which protocol’s header includes the source MAC address?
    • Answer: a. Ethernet
  2. What protocol must be allowed through a firewall for tracert to work?
    • Answer: c. ICMP

Summary of Learning Outcomes

  • You should now be able to describe the functions of core TCP/IP protocols, identify how each protocol's information is formatted in a TCP/IP message, secure network connections using encryption protocols, configure remote access connections between devices, and employ TCP/IP utilities for network discovery and troubleshooting.