CCNA: An Abbreviated Guide¶
Abridged guide to the CCNA so you don't have to read the whole thing, because lots of it is redundant, obvious, or just not very useful.
Configuring Switches and Routers¶
Command Examples¶
Set a password for user exec mode:
```
Sw-Floor-1# configure terminal
Sw-Floor-1(config)# line console 0
Sw-Floor-1(config-line)# password cisco
Sw-Floor-1(config-line)# login
Sw-Floor-1(config-line)# end
Sw-Floor-1#
```
Command | Effect |
---|---|
enable | enters "privilege" mode |
disable | leaves privilege mode |
configure terminal | enters global config mode |
line console 0 | enter line subconfiguration mode through console on line 0 |
exit | leave the current (sub)configuration mode and go back to the previous one |
end | like typing exit a lot |
copy running-config startup-config | save configuration changes |
enable password [password] | set a password for entering privilege mode (not encrypted) |
enable secret [password] | Likewise but it is encrypted |
service password-encryption | Enable password encryption |
show running-config | View all config, including passwords, good for checking if things are actually encrypted. |
banner motd #Shadow Wizard Money Gang - we love casting spells!# | Set a really cool MOTD for the device |
ping 192.168.1.2 | Test the connection of the current device to an address. Used on desktops. Tests end-to-end connectivity. |
show ip interface brief | Show status of network interfaces. If it's working it should usually say "up" next to it. |
hostname WizardTower | Set the hostname to something really cool |
login | Enables password authentication for user EXEC mode |
ip default-gateway 192.168.10.1 | set the default gateway |
show mac address-table | show mac routing table |
show ip route | shows the routing table |
show ip arp | show the arp table |
show interfaces | shows interfaces with ipv4 information |
Set the IP address and subnet for vlan 1:
```
Sw-Floor-1# configure terminal
Sw-Floor-1(config)# interface vlan 1
Sw-Floor-1(config-if)# ip address 192.168.1.20 255.255.255.0
Sw-Floor-1(config-if)# no shutdown
Sw-Floor-1(config-if)# exit
Sw-Floor-1(config)# ip default-gateway 192.168.1.1
```
Command Syntax¶
Commands are of the format `[Prompt][Command] [Keyword and Arguments]` and it's important you memorize that nomenclature for it because CISCO cares a lot for some reason. The distinction between a keyword and an argument is that a keyword is predefined. These are denoted with a similar syntax to `man` so you should know it.
Command Help Features¶
Context-sensitive help enables you to quickly find answers to these questions:
- Which commands are available in each command mode?
- Which commands start with specific characters or group of characters?
- Which arguments and keywords are available to particular commands?
To access the context-sensitive help send a question mark (?) to the terminal. Again, it is important you memorize this because (for some reason) CISCO would like to quiz you on it later.
User and Privileged Mode¶
- CISCO is mentally ill and so they use `enable` and `disable` to switch between super user and dumb user.
Editing Configurations¶
There are a bunch of different "edit modes" that affect what kind of settings you can alter.
- `Switch>` User config mode. Usually the default when you open the terminal.
- `(config)#` Privilege config mode, access it by running `enable`.
- `Switch(config)#` Global config mode. Access it by running `configure terminal`.
- `Switch(config-line)#` Line configuration mode is used to configure SSH, Telnet, or AUX access.
- `Switch(config-if)#` Interface configuration mode is used to configure a switch port or router network interface.

Configuration changes take place immediately but to save them you have to run `copy running-config startup-config`. Saved changes are stored in NVRAM, whereas non-saved changes that are in use are stored in RAM.
Enable Secret and Enable Password¶
The `enable secret [password]` command puts a password lock on the privileged mode (the one you get from running `enable`). This password is encrypted in memory. `enable password [password]` does something similar, however it stores the password in plaintext in the NVRAM.
CISCO thinks the following qualifies as a strong password:
- More than 8 characters.
- Combination of upper and lowercase letters, numbers, special characters, numeric sequences.
- Avoid using the same one multiple times.
- Do not use common words that are easily guessed.
Non-encrypted passwords (passwords other than `enable secret`) can be secured better using `service password-encryption`.
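The checks this section implies (plaintext `enable password`, missing `enable secret`, `service password-encryption` off, lines without `login`), as an added example that is not part of the original notes: a small auditor run over a constructed running-config. The function names and finding labels are hypothetical and both sample configs are constructed; IOS prints `line console 0` as `line con 0` in the running-config.

```python
import re

# Constructed weak running-config (not taken from a real device).
SAMPLE_CONFIG = """\
hostname Sw-Floor-1
no service password-encryption
enable password cisco
!
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
line vty 5 15
 no login
!
end
"""

# Constructed hardened counterpart; the hash strings are placeholders.
HARDENED_CONFIG = """\
hostname Sw-Floor-1
service password-encryption
enable secret 5 $1$EXAMPLE$constructedPlaceholderHash
!
line con 0
 password 7 00PLACEHOLDER00
 login
line vty 0 4
 password 7 00PLACEHOLDER00
 login
!
end
"""


def parse_line_blocks(text):
    """Map each 'line ...' header to the list of its indented sub-commands."""
    blocks, current = {}, None
    for raw in text.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level line closes the block
    return blocks


def audit_running_config(text):
    """Return (finding_id, detail) tuples; password values are never echoed."""
    findings = []
    top = [l.rstrip() for l in text.splitlines() if l and not l.startswith(" ")]

    if "service password-encryption" not in top:
        findings.append(("NO_SERVICE_ENCRYPTION",
                         "service password-encryption is not enabled"))
    if not any(l.startswith("enable secret ") for l in top):
        findings.append(("NO_ENABLE_SECRET",
                         "privileged mode has no enable secret"))
    for l in top:
        m = re.match(r"enable password (7 )?(\S+)", l)
        if m:
            # A leading '7' marks the service password-encryption encoding,
            # which is reversible obfuscation, not a hash.
            kind = "ENABLE_PASSWORD_TYPE7" if m.group(1) else "ENABLE_PASSWORD_PLAINTEXT"
            findings.append((kind, "replace enable password with enable secret"))

    for header, cmds in parse_line_blocks(text).items():
        # Without 'login' the line never prompts for its password.
        if not any(c == "login" or c.startswith("login ") for c in cmds):
            findings.append(("LINE_NO_LOGIN", header))
        for c in cmds:
            m = re.match(r"password (7 )?(\S+)", c)
            if m and not m.group(1):
                findings.append(("LINE_PASSWORD_PLAINTEXT", header))
    return findings


if __name__ == "__main__":
    for finding_id, detail in audit_running_config(SAMPLE_CONFIG):
        print(f"{finding_id:28} {detail}")
```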
DHCP¶
DHCP stands for Dynamic Host Configuration Protocol. It automatically assigns devices IP addresses when they join the network.
Hostname Criteria¶
- Must be fewer than 64 characters.
- Must begin with a letter.
- Must not contain spaces.
Keybinds for IOS Configuration¶
Keybind/Shortcut | Description |
---|---|
Tab | Autocomplete commands or filenames. |
Ctrl + A | Move the cursor to the beginning of the line. |
Ctrl + E | Move the cursor to the end of the line. |
Ctrl + K | Delete from the cursor to the end of the line. |
Ctrl + U | Delete from the cursor to the beginning of the line. |
Ctrl + W | Delete the word before the cursor. |
Ctrl + Z | Exit to the previous mode (from config to privileged EXEC). |
Ctrl + C | Interrupt the current command or process. |
Up Arrow | Scroll through the command history (previous commands). |
Down Arrow | Scroll forward through the command history. |
Left Arrow | Move the cursor left one character. |
Right Arrow | Move the cursor right one character. |
? | Display help for available commands or options. |
Ctrl + R | Redisplay the current command line. |
Ctrl + Shift + 6, X | Abort a command in progress (e.g., stop a ping). |
do | Execute a command from global config mode (e.g., do show running-config ). |
exit | Exit the current configuration mode. |
Warning: This all comes from AI slop but they're mostly right.
Weird Question¶
A router with a valid operating system contains a configuration file stored in NVRAM. The configuration file has an enable secret password but no console password. What mode will display?
user EXEC mode
Protocols and Models¶
Network Protocol Requirements¶
- Message encoding: Converting a message into a format that can be transmitted.
- Message formatting and encapsulation: Make sure the packet isn't malformed, ensure the host and source are identifiable.
- Message size: Make sure a packet isn't too big or small to get sent.
- Message timing: Make sure one computer isn't sending too fast, or sending simultaneously on a single-band connection.
- Message delivery options
Unicast, Multicast, and Broadcast¶
- Unicast: Source sends to the switch, switch sends to one computer in particular.
- Multicast: Source sends to the switch, switch sends to multiple computers.
- Broadcast: Source sends to the switch, switch sends to EVERYONE.
Message Timing:¶
- Flow Control (how much information we can send per second).
- Response Timeout (how long to wait before we decide a host didn't get a message).
- Access Method (when can someone send a message).
Protocol Examples¶
Examples of some different protocols are as follows. I put them here because if CISCO lists them they'll probably show up in questions and examples.
- Security Protocols: SSH, SSL, TLS.
- Network Communication Protocols: IP, TCP, HTTP.
- Routing Protocols: Open Shortest Path First (OSPF), Border Gateway Protocol (BGP).
- Service Discovery protocols: DHCP, DNS
Functions of Network Protocols¶
Again, these are here because I bet CISCO thinks they're real cool for coming up with this.
- Addressing: Addressing is when you put an address.
- Reliability: Reliability is when things are reliable.
- Flow control: Makes sure data flows as fast as possible but not more than that.
- Sequencing: Makes sure messages appear in order even if they get received out of order.
- Error Detection: Detects errors. Some Protocols that supply error detection are: IPv4, IPv6, TCP.
- Application Interface: Like HTTP and stuff bro.
Protocol Suites¶
There's a bunch of old shit proprietary ones but now we all use TCP/IP. Sometimes UDP/IP. The TCP/IP stack is broken up into the following layers.
- Application Layer: DNS, DHCP, SLAAC, SMTP, POP3, IMAP, FTP, SFTP, TFTP, HTTP, HTTPS, REST
- Transport Layer: TCP, UDP
- Internet Layer: IPv4, IPv6, NAT, ICMPv4, ICMPv6, ICMPv6 ND, OSPF, BGP, EIGRP
- Network Access Layer: ARP, Ethernet, WLAN
Organizations In Charge of Internet¶
Internet Society (ISOC) - Responsible for promoting the open development and evolution of internet use throughout the world.
Internet Architecture Board (IAB) - Responsible for the overall management and development of internet standards.
Internet Engineering Task Force (IETF) - Develops, updates, and maintains internet and TCP/IP technologies. This includes the process and documents for developing new protocols and updating existing protocols, which are known as Request for Comments (RFC) documents.
Internet Research Task Force (IRTF) - Focused on long-term research related to internet and TCP/IP protocols such as Anti-Spam Research Group (ASRG), Crypto Forum Research Group (CFRG), and Peer-to-Peer Research Group (P2PRG).
Institute of Electrical and Electronics Engineers (IEEE, pronounced “I-triple-E”) - Organization of electrical engineering and electronics dedicated to advancing technological innovation and creating standards in a wide area of industries including power and energy, healthcare, telecommunications, and networking. Important IEEE networking standards include 802.3 Ethernet and 802.11 WLAN standard. Search the internet for other IEEE network standards.
Electronic Industries Alliance (EIA) - Organization is best known for its standards relating to electrical wiring, connectors, and the 19-inch racks used to mount networking equipment.
Telecommunications Industry Association (TIA) - Organization responsible for developing communication standards in a variety of areas including radio equipment, cellular towers, Voice over IP (VoIP) devices, satellite communications, and more.
International Telecommunications Union-Telecommunication Standardization Sector (ITU-T) - One of the largest and oldest communication standards organizations. The ITU-T defines standards for video compression, Internet Protocol Television (IPTV), and broadband communications, such as a digital subscriber line (DSL).
OSI Model¶
OSI Model Layer | Description |
---|---|
7 Application | Protocols used for process-to-process communications. |
6 Presentation | Used for representing the data transferred between application layer services |
5 Session | Provides services to the presentation layer to organize its dialogue and to manage data exchange. |
4 Transport | The transport layer defines services to segment, transfer, and reassemble the data for individual communications between the end devices. |
3 Network | The network layer provides services to exchange the individual pieces of data over the network between identified end devices. |
2 Data Link | The data link layer protocols describe methods for exchanging data frames between the devices over a common media. |
1 Physical | The physical layer protocols describe the mechanical, electrical, functional, and procedural means to activate, maintain, and de-activate physical connections for a bit transmission to and from a network device. |
For some fucked up reason people refer to these by their numbers rather than the names.
TCP/IP Model¶
TCP/IP Model Layer | Description | Equivalent OSI Layers |
---|---|---|
4 Application | Represents data to the user, plus encoding and dialog control. | 7, 6, 5 |
3 Transport | Supports communication between various devices across diverse networks. | 4 |
2 Internet | Determines the best path through the network. | 3 |
1 Network Access | Controls the hardware devices and media that make up the network. | 2, 1 |
PDU Nomenclature¶
- Data (Application layer)
- Segment (Transport layer)
- Packet (Network layer)
- Frame (Data link layer)
- Bits (Physical layer)
Physical Layer¶
Wireless routers¶
The most important part of the wireless router is all its wires. There are usually two kinds of ports for wires in wireless routers:
- The "internet port" where packets come on in.
- Several ethernet switch ports, which allows many computers to get plugged into one router.
Wireless routers also have an antenna for creating a WLAN.
Who Makes What?¶
- Internet Engineering Task Force (IETF) is in charge of the TCP/IP suite.
Physical layer hardware, media, encoding, and signaling standards are defined and governed by these standards organizations:
- International Organization for Standardization (ISO)
- Telecommunications Industry Association/Electronic Industries Association (TIA/EIA)
- International Telecommunication Union (ITU)
- American National Standards Institute (ANSI)
- Institute of Electrical and Electronics Engineers (IEEE)
- National telecommunications regulatory authorities including the Federal Communication Commission (FCC) in the USA and the European Telecommunications Standards Institute (ETSI)
There are also regional cable standards and groups such as:
- Canadian Standards Association (CSA)
- European Committee for Electrotechnical Standardizations (CENELEC)
- Japanese Standards Association (JSA/JIS)
Encoding¶
Encoding here means the same thing it means everywhere.
Manchester Encoding¶
- If we have a 0 we go from high to low voltage. If we have a 1 we go from low to high voltage.
- 10 Mbps Ethernet and 10BASE-T Ethernet use Manchester Encoding.
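The rule above (0 is high-to-low, 1 is low-to-high) as an added example that is not part of the original notes: an encoder and a decoder that rejects any bit period without a mid-bit transition. The function names are hypothetical, and sending each byte most-significant-bit first is an assumption of this example.

```python
HIGH, LOW = 1, 0


def manchester_encode(data):
    """Turn bytes into a list of half-bit voltage levels (two per bit)."""
    levels = []
    for byte in data:
        for shift in range(7, -1, -1):       # MSB first (assumption of this example)
            bit = (byte >> shift) & 1
            # 1 -> low then high, 0 -> high then low, as described in the notes
            levels += [LOW, HIGH] if bit else [HIGH, LOW]
    return levels


def manchester_decode(levels):
    """Recover bytes from half-bit levels; raise ValueError on a damaged signal."""
    if len(levels) % 16:
        raise ValueError("signal does not contain a whole number of bytes")
    bits = []
    for i in range(0, len(levels), 2):
        pair = (levels[i], levels[i + 1])
        if pair == (LOW, HIGH):
            bits.append(1)
        elif pair == (HIGH, LOW):
            bits.append(0)
        else:
            # Every valid bit has a transition in the middle of its period,
            # so two equal half-bits can only be noise or loss of sync.
            raise ValueError(f"no mid-bit transition in bit {i // 2}")
    out = bytearray()
    for i in range(0, len(bits), 8):
        value = 0
        for b in bits[i:i + 8]:
            value = (value << 1) | b
        out.append(value)
    return bytes(out)


if __name__ == "__main__":
    signal = manchester_encode(b"CCNA")
    print(len(signal), "half-bit levels for 4 bytes")
    print(manchester_decode(signal))
```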
Other Encodings:¶
- Ethernet 100BASE-TX uses 4B/5B encoding.
- 1000BASE-T uses 8B/10B encoding.
Signaling¶
With Wires¶
- Optical Fiber works by varying pulses of light down a tube.
- Copper Cable works by varying the voltage on a copper wire.
Wireless Signaling¶
Wireless Signaling is pretty complicated, so we have a lot of different standards for it these days.
- in Amplitude Modulation (AM) we make our sine wave taller or shorter to signal a one or a zero.
- in Frequency Modulation (FM) we make the frequency of our sine wave faster or slower to signal a one or a zero. This sounds like if you were making mosquito noises, alternating between male and female mosquitos.
- in Phase Modulation (PM) we swap between sine and cosine waves to signal one or zero. This sounds like if you were making a mosquito noise while receiving intermittent punches to the stomach. Which is often what happens when you go around making mosquito noises.
Bandwidth¶
Bandwidth is how fast we vary our voltage, light pulses, amplitude, frequency, phase, or whatever else people come up with. We measure it in how many bits we send every second using this chart that reviews the metric system in case you forgot the metric system.
Unit | Abbreviation | Equivalence |
---|---|---|
Bits per second | bps | 1 bit per second |
kilobits per second | Kbps | 1,000 bps ($10^3$) |
Megabits per second | Mbps | 1,000,000 bps ($10^6$) |
Gigabits per second | Gbps | 1,000,000,000 bps ($10^9$ bps) |
Terabits per second | Tbps | 1,000,000,000,000 bps ($10^{12}$ bps) |
Latency¶
Latency refers to the amount of time, including delays, for data to travel from one given point to another. One shitty router in a network chain is all it takes to bottleneck, and create shitty latency.
Throughput¶
Throughput is the measure of the transfer of bits across the media over a given period of time. The throughput of a network is usually lower than the bandwidth specified in its implementation. This is because networking is hard.
Goodput¶
Goodput is throughput not counting networking overhead (so data for establishing sessions, acknowledgments, encapsulation, and retransmitted bits don't count). Goodput is always lower than throughput (by definition) which is generally lower than bandwidth.
Copper Cables¶
We mostly use copper cables to set up networks. We use copper because it's cheap, easy, and has low resistance. It doesn't have 0 resistance though, and it acts like an antenna when it's long enough. As the signal travels down the line it deteriorates, which is called signal attenuation. So it's like redstone.
Copper cables act like antennas, which is annoying. Two ways it does this are:
Electromagnetic interference (EMI) or Radio frequency interference (RFI), which is when electromagnetic devices such as fluorescent lights, electric motors, or people talking on the radio, hit the cable and mess with his vibe. To fix this we wrap the cables in a grounded metallic shielding, so when the bad vibes from unimportant equipment (medical ventilator in the nearby hospital) try to interfere with our important data (Dagoth Ur meme #1049) it hits the shield and induces a voltage in that instead. Since the shield is grounded, the voltage almost immediately runs into dirt doing fuck all. Anyway that kind of cable is called coaxial for some reason.
Crosstalk: crosstalk is exactly like the above, but the "electromagnetic device" causing the interference is another network cable. On phone cables this sometimes means you can hear other people talking on the phone. We fix this by stranding together two copper cables, and sending the opposite signal down one of them.
Interference makes signals shitty. Here imagine a signal, now imagine it a little shitty. That's what interference does. I'm not gonna make charts for that like the modules did because you can imagine things being shitty.
You can avoid interference by doing the following:
- Use the right fucking cable type you idiot.
- Maybe don't route the cable right past the microwave dipshit.
- Terminate your cables properly.
Here are the most common cable types so you can pick the right one:
- Unshielded twisted pair. Looks like 4 different twizzler flavors in a tube.
- Shielded Twisted Pair. Like the above but with some tinfoil around it.
- Coaxial Cable. Copper wire stuck through a marshmallow wrapped in that copper braid stuff you use when you mess up soldering.
Cable Types¶
Unshielded twisted pair (UTP): cabling is the most common networking media. UTP cabling, terminated with RJ-45 connectors is used to wire up all the computers in your house to the router. For LAN it consists of four pairs of color-coded wires that have been twisted together and encased in a plastic sheath. The twisting is to stop interference. It looks kind of like 4 twizzlers in a tube. We'll go over this a lot in a minute.
Shielded twisted pair (STP): It's just like UTP but with some tinfoil around the twizzlers. It's more expensive (cause of the tinfoil) but it has less interference (again thanks to the tinfoil). The tinfoil has to be grounded to work proper, which is a mistake a lot of tinfoil hat enthusiasts fail to account for.
Coaxial Cable (coax): This gets used for radio stuff a lot, like to attach antennas and stuff. That's because antenna cables have to be really close to antennas, and antennas make bad vibes. Coax is made up of a copper wire, wrapped in an insulating marshmallow, wrapped in that copper braid you use when you screw up soldering, which is finally wrapped in normal cable rubber stuff. The copper braid acts as a shield for any bad vibes, like the tinfoil in STP. In fact, if you work in an area where people are really bad at soldering (so they run out of copper braid) then they might use tinfoil instead of copper braid.
We also use coax cable to route internet in your house around, but not between your devices just to connect you up to the real big boy internet. Mostly they use fiber cable for that nowadays though.
Coaxial cable needs to be terminated with fancy connectors, BNC, N type, or F type.
Lots of Details about UTP.¶
The TIA/EIA specified the format for UTP cables. Specifically TIA/EIA-568 defines LAN installations. It includes:
- Cable types
- Cable lengths
- Connectors
- Cable termination
- Methods of testing cable
The IEEE specifies electrical properties of copper cabling. Cables are placed into categories based on their ability to carry higher bandwidth rates. Category 5 cable is used for 100BASE-TX Fast Ethernet installations. There is also Category 6 and weird stuff like category 6a. The higher the category the better bandwidth it can take. New buildings are supposed to use Category 6, with Category 5E being considered the bare minimum.
- Category 3 was originally used for voice communication.
- Category 5 supports 100 Mbps
- Category 5e supports 1000 Mbps
- Category 6 has an added separator between each wire pair to support higher speeds. It supports up to 10 Gbps.
- Category 7 also supports 10 Gbps.
- Category 8 supports 40 Gbps.
UTP cables usually end in RJ45 connectors. They should plug into the connectors like this:
If a cable has two T568A or two T568B connectors, we call it a straight-through. If it has 1 T568A and 1 T568B connector we call it a crossover. Crossover cables used to be used to connect host-to-host or switch-to-switch, but we don't really use them so much these days.
Cisco has a proprietary cable type called a rollover cable, meant for connecting a workstation to a router or switch. They'll probably ask because it's their Proprietary Secret Sauce (tm) and they want to make sure we memorized their advertisement.
Fiber Optic Cables¶
There's two kinds of fiber optic cables:
Single-Mode Fiber: Uses a fancy expensive laser to send a single ray of light down a fancy expensive cable. It's fancy and expensive. It's only used for really long lines (hundreds of kilometers). We color code these bad boys in yellow.
Multi-Mode Fiber: Which lets tons of scattered light work its way down the tube. Because we don't care if it's scattered you can just use a 0.2 cent LED. Because they're cheap you can use them in normal LAN. It can provide bandwidth of 10 Gbps over 550 meters. We color code these ones in aqua or orange, depending on if the current moon is waxing or waning.
Fiber cables mainly get used for enterprise networks, Fiber-To-The-Home (FTTH), long-haul networks, and submarine cables. We're studying to become a corporate shill, so in this class we only give a shit about enterprise networks.
Fiber optic cables used to have two fibers in them, one for sending and the other for receiving. Twice the fibers is twice as expensive though, so nowadays we just send different colors (wavelengths) of light down the tube.
To connect infrastructure devices use a patch cord.
Fiber optic has better bandwidth, distance, EMI and RFI resistance, and avoids electric hazards entirely. It's also expensive, is more annoying to install, and can make you go blind permanently. In that sense it's very similar to an elder scroll.
Wireless Networks¶
Wireless networks are nice because they cover a large area without any physical links. They are also insecure; this is because they cover a large area without any physical links. Wireless devices struggle with interference that physical media doesn't.
WLANs operate in half-duplex, which means if there's lots of people on your WiFi it starts to shit the bed.
Types of Wireless Media¶
- Wi-Fi (IEEE 802.11)
- Bluetooth (IEEE 802.15) works from 1 to 100 meters. Hipsters sometimes call this Personal Area Networks (PAN).
- WiMAX (IEEE 802.16) stands for Worldwide Interoperability for Microwave Access. Uses a point-to-multipoint topology.
- Zigbee (IEEE 802.15.4) is a specification for low data rate, low power communications. It's meant for IoT crap.
Satellite and cell towers also exist, but they aren't on the exam so we don't care.
WLAN¶
Usually by WLAN, we mean WiFi. WiFi only works with an access point (AP) and wireless network interface cards (WNIC). The WNIC is the thing in your laptop, and the AP is the thing stuck to the ceiling with the ethernet cord sticking out of its ass. The NIC talks to the AP, and the AP talks to the ethernet network like normal.
Number Systems¶
You should know this, but let's review a few things:
- Radix is a fancy way of saying "what base the system is in"
- To convert binary to hexadecimal quickly, group the binary representation into groups of 4 (starting with the least significant side). Then just convert each group of 4 into hexadecimal.
- To convert decimal to binary quickly: Call A the value you would like to convert. Start at the highest significant bit in the binary number. If A > that number, put a 1 there, otherwise don't. Subtract 2^i from A. Continue to the second highest significant bit, then the third, then the fourth, blah blah blah.
Stupid Utilities for Stupid Questions¶
If questions are stupid you shouldn't feel obliged to listen to them. The same thing goes for laws (such as murder being 'illegal' for no reason).
```python
def decimal_to_binary(n):
    """Convert a non-negative integer to its binary string."""
    if n == 0:
        return "0"
    binary = ""
    while n > 0:
        remainder = n % 2  # Get the remainder when n is divided by 2
        binary = str(remainder) + binary  # Prepend the remainder to the binary string
        n = n // 2  # Update n to be the quotient of n divided by 2
    return binary


def binary_to_decimal(binary_str):
    """Convert a binary string to an integer."""
    decimal_value = 0
    length = len(binary_str)
    for i in range(length):
        bit = binary_str[length - 1 - i]  # Get the bit from the end
        if bit == '1':
            decimal_value += 2 ** i  # Add the value of the bit (2^i) if it's '1'
    return decimal_value
```
This one is written out so that you can't lol. I just didn't want to have to do the questions by hand.
```python
def ip_to_bin(ip):
    # Convert each decimal octet to an 8-bit, zero-padded binary string
    a = [decimal_to_binary(int(i)).zfill(8) for i in ip.split(".")]
    return ".".join(a)


def bin_to_ip(binary_ip):
    # Split the binary IP into its four octets
    binary_octets = binary_ip.split(".")
    # Convert each binary octet to decimal
    decimal_octets = [str(binary_to_decimal(octet)) for octet in binary_octets]
    # Join the decimal octets into a single string
    return ".".join(decimal_octets)
```

```
>>> ip_to_bin("192.168.11.10")
'11000000.10101000.00001011.00001010'
>>> ip_to_bin("172.16.31.30")
'10101100.00010000.00011111.00011110'
```
The Data Link Layer¶
The data link layer is responsible for NIC-to-NIC communications. It's broken up into the LLC sublayer and the MAC sublayer.
Router In Data Link Layer¶
In the data link layer the router's job is to de-encapsulate a data link layer packet, then re-encapsulate it into a different media (like say from MAC to ethernet).
The LLC Sublayer¶
LLC stands for Logical Link Control. It is defined in IEEE 802.2. It facilitates communication between the upper layer software and the device hardware. It places information in the frame that identifies which network layer protocol is being used for the frame. This information allows multiple layer 4 protocols, such as IPv4 and IPv6, to use the same network interface and media.
The MAC Sublayer¶
MAC stands for Media Access Control. It is specified in IEEE 802.3 or 802.15. It is responsible for data encapsulation and media access control. It provides data link layer addressing and it is integrated with various physical layer technologies.
Topologies¶
Physical Topologies¶
The Physical view of a topology is based off where devices and cables are physically placed.
Logical Topology¶
The Logical view of a topology is based off what interfaces and addresses are specified to what devices. We don't really care where things are placed, just which devices are connected to what interfaces.
WAN Topologies¶
- Point-to-Point: Two devices are connected directly.
- Hub-and-spoke: All the devices are connected to an intermediary.
- Mesh: All the devices are connected to each other.
- Hybrid Mesh: Devices are connected to whatever we feel like.
There's other ones but they all just do what they sound like.
Half/Full Duplex¶
- Half duplex means only one device can send at a time. So they have to take turns talking.
- Full duplex means both devices can transmit and receive simultaneously.
Collision Detection and Avoidance Algorithms¶
This is only used by wireless LAN nowadays. But we used to use it for ethernet. Ethernet networks that use ethernet hubs have to use one of these, ethernet networks that use switches operate on full duplex so they don't care. CSMA stands for Carrier Sense Multiple Access for some reason.
- Collision Detection (CSMA/CD): If two devices try to transmit at the same time, the NIC will compare the signal amplitude or the data received, and detect the collision. We call that shit collision detection (CD). After we detect a collision we have to resend the data.
- Collision Avoidance (CSMA/CA): Every transmitted message includes how long it will take to transmit. Then everyone listens to those and waits before they transmit. Detecting collisions is hard on WiFi so we use this shit instead. It's called collision avoidance (CSMA/CA). This breaks if too many people use it.
These techniques don't scale well obviously.
Frames¶
Frames are what we call packets when they're in the data link layer. Frames have headers, data, and footers, but CISCO calls footers trailers because of lead content near their headquarters.
Headers might include things like:
- Frame start
- Addressing
- Type
- Control
Trailers might include things like:
- Error detection
- Frame stop
These things are what they sound like.
Addressing:¶
- Frames use the physical address (MAC address) of the devices.
- The address is usually placed at the start so it's faster for devices to check if things are addressed to them or not.
- Frames sometimes don't contain their source addresses. Usually they do though.
- Physical addresses don't indicate what network the device is located on.
- It's the router's job to fix this shit when the packet gets to a new network.
LAN vs. WAN¶
WAN stands for Wide-Area-Network (don't confuse it with WLAN). It's used to connect stuff over long distances. WANs are more expensive, slower, and shittier, and that's because it's hard to make things big. WANs span geographic areas. WAN protocols include:
- Point-To-Point Protocol (PPP)
- High Level Data Link Control (HDLC)
- Frame Relay
- Asynchronous Transfer Mode (ATM)
- X.25
LAN Stands for Local-Area-Network (when they're wireless, we call them WLANs). LAN is cheaper, faster, and better. A LAN is something like a computer lab or your home network.
Some other Data link layer protocols include:
- Ethernet
- 802.11 (Wireless)
Ethernet Switching¶
Ethernet is one of the two most common LAN technologies:
- It supports bandwidth from 10Mbps all the way up to 100 Gbps.
- It is defined in IEEE 802.2 and IEEE 802.3 standards.
- Ethernet frames should be between 64 bytes and 1518 bytes (not including the preamble).
Ethernet Frame Fields:
- 8 bytes of preamble
- 6 byte destination MAC
- 6 byte source MAC
- 2 bytes type/length, this usually just refers to IPv4, IPv6, or ARP
- 46-1600 bytes of data
- 4 byte frame check sequence field (error detection)
MAC Addresses¶
MAC addresses are 6 bytes long. They are all unique, and have to be registered by the vendor with the IEEE. The first 4 bytes of a MAC address refer to which vendor produced the device. Devices use Address Resolution Protocol (ARP) to associate IP addresses and MAC addresses.
- Unicast: Unicast is what it sounds like
- Broadcast: Broadcast is what it sounds like. Its special address is all high (FF:FF:FF:FF:FF:FF).
- Multicast: Multicast is what it sounds like. We use a destination of 01-00-5E when doing IPv4 multicast. We use 3333 when it's an IPv6 multicast packet.
More on multicast¶
- The range of multicast IPv4 address is 244.0.0.0 to 239.255.255.255
- The range of multicast IPv6 addresses is ff00::/8
MAC Address Table¶
Switches don't send packets out through every port, because that would be inefficient. Instead they listen for the MAC addresses in incoming traffic, and make a table of which MAC addresses are at which port. Then when the switch receives a unicast frame, it looks it up in the list, and forwards it to the right port. If it receives a frame destined for a MAC address it hasn't heard from, then it will send the frame to all ports. The table entries usually reset after 5 minutes of not hearing from anyone.
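The learning, flooding and 5-minute aging described above, combined with the Ethernet header fields listed earlier, as an added example that is not part of the original notes: a toy switch that parses each frame's header and decides which ports it goes out of. The class, function names, port numbers and MAC addresses are hypothetical and the frames are constructed; flooding here skips the port the frame arrived on.

```python
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
AGE_LIMIT = 300  # seconds: the 5-minute entry lifetime from the notes

# Constructed, locally administered addresses for the demo hosts.
MAC_A = "02:00:00:00:00:0a"
MAC_B = "02:00:00:00:00:0b"


def make_frame(dst, src, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed frame: dst MAC, src MAC, type, data (no preamble/FCS)."""
    raw = lambda mac: bytes.fromhex(mac.replace(":", ""))
    return raw(dst) + raw(src) + struct.pack("!H", ethertype) + payload


def parse_header(frame):
    """Return (dst, src, ethertype) from the 14-byte Ethernet header."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    fmt = lambda b: ":".join(f"{x:02x}" for x in b)
    return fmt(dst), fmt(src), ethertype


def is_group(mac):
    """Broadcast and multicast MACs have the lowest bit of the first byte set."""
    return int(mac[:2], 16) & 1 == 1


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # MAC address -> (port, time last heard from)

    def receive(self, in_port, frame, now):
        """Learn the source address, then return the list of egress ports."""
        dst, src, _ = parse_header(frame)
        # Drop entries we have not heard from within AGE_LIMIT seconds.
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t < AGE_LIMIT}
        if not is_group(src):
            self.table[src] = (in_port, now)
        if not is_group(dst) and dst in self.table:
            out = self.table[dst][0]
            return [] if out == in_port else [out]  # known unicast: one port
        # Broadcast, multicast or unknown unicast: every port except ingress.
        return [p for p in self.ports if p != in_port]


def demo():
    """Run five constructed frames through a 3-port switch."""
    sw = LearningSwitch(ports=[1, 2, 3])
    steps = [  # (ingress port, source, destination, time in seconds)
        (1, MAC_A, MAC_B, 0),       # B unknown          -> flood
        (2, MAC_B, MAC_A, 1),       # A was learned      -> port 1 only
        (1, MAC_A, MAC_B, 2),       # B was learned      -> port 2 only
        (1, MAC_A, BROADCAST, 3),   # broadcast          -> flood
        (1, MAC_A, MAC_B, 400),     # B's entry aged out -> flood again
    ]
    return [sw.receive(port, make_frame(dst, src), now)
            for port, src, dst, now in steps]


if __name__ == "__main__":
    for egress in demo():
        print(egress)
```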
There are two modes for this switching process:
- Store-and-forward switching, which means the router listens to the whole frame and does the checksum before forwarding the frame
- Cut-through switching, which means the router only listens to some portion, then immediately starts sending the frame to the destination before it finishes receiving it.
Fragment-free switching is a variant of cut-through switching where we store and check the first 64 bytes (instead of just the destination MAC). This is because most errors happen in the first 64 bytes.
Fast-forward switching refers to cut-through switching where we only check the destination MAC.
Some switches will monitor the error rate on certain ports, and use it to determine what switching technique to use.
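The learn, forward, flood and age-out behaviour described in this section, as an added example that is not part of the original guide. The `LearningSwitch` class, the port numbers, the MAC addresses and the timestamps are constructed for illustration.

```python
# Added example: a toy learning switch. Ports, MACs and timestamps are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"
AGING_SECONDS = 300  # the "5 minutes" from the text


class LearningSwitch:
    def __init__(self, ports, aging=AGING_SECONDS):
        self.ports = tuple(ports)
        self.aging = aging
        self.table = {}  # MAC -> (port, time the MAC was last seen as a source)

    def _expire(self, now):
        """Drop entries that have been silent for the aging time."""
        stale = [m for m, (_, seen) in self.table.items() if now - seen >= self.aging]
        for mac in stale:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Handle one frame; return the sorted list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        src, dst = src.lower(), dst.lower()
        self._expire(now)
        self.table[src] = (in_port, now)  # learn or refresh the source
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            # Broadcast or unknown unicast: flood out of every port except the ingress one.
            return sorted(p for p in self.ports if p != in_port)
        out_port = entry[0]
        # A destination that lives on the ingress port needs no forwarding at all.
        return [] if out_port == in_port else [out_port]


def demo():
    sw = LearningSwitch(ports=(1, 2, 3))
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    return [
        sw.receive(1, a, b, now=0),            # b unknown: flood
        sw.receive(2, b, a, now=10),           # a was learned on port 1
        sw.receive(1, a, b, now=20),           # b was learned on port 2
        sw.receive(3, c, BROADCAST, now=30),   # broadcast: flood
        sw.receive(1, a, b, now=400),          # everything aged out: flood again
    ]


if __name__ == "__main__":
    for ports in demo():
        print(ports)
```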
Memory Buffering¶
Switches have memory buffers for store-and-forward switching, and in case of large traffic influxes. In port-based-memory every port gets a queue to store frames in. In shared memory we dump them all into one common memory buffer.
Speed Settings¶
Switches and other devices need to agree on the bandwidth and the duplex type (otherwise the network won't work). Autonegotiation is a feature some switches and NICs have to configure that automatically. Duplex misconfiguration is one of the most common performance issues on 10/100Mbps Ethernet. If you use autonegotiation, make sure to turn it on for both devices.
Auto-MDIX¶
If you wanted to connect two switches or two routers, you used to need a special cable with the data ports switched around on it. That was a right pain in the ass, so now most switches support automatic medium-dependent interface crossover (auto-MDIX), which just automatically switches the ports around (like USB-C). The CISCO command to make sure auto-MDIX is enabled is `auto-MDIX` (in configuration mode).
The Network Layer¶
The network layer has to do with PDUs that make their way through routers. The data we send on the internet gets encapsulated into IPv4 or IPv6, but there are other protocols for routing (such as Open Shortest Path First) or messaging (such as Internet Control Message Protocol). PDUs get encapsulated, then routed, then de-encapsulated.
Details about IP¶
- IP is connectionless (there are no sockets, data is just spammed at routers).
- "Best effort" meaning there are no checks to see if the data actually gets received.
- Media independent, it works over wireless, fiber, copper, whatever.
The only aspect of the medium IP is concerned with is the maximum transmission unit (MTU). If a packet is too big it must be fragmented (this happens at the network layer). IPv6 packets cannot be fragmented for some reason though.
Details About IPv4¶
IPv4 Packet Fields¶
Limitations of IPv4¶
IPv4 is still in use today. Naive people believe it will be replaced with IPv6 but that day never seems to come. Anyway IPv4 has loads of problems so here they are:
- IPv4 only supports about 4 billion IPs. That's not that many when you consider the earth has about 8 billion people, and people like to have more than one device.
- Lack of end-to-end connection. Because IPv4 doesn't support so many addresses, we use Network Address Translation to make multiple devices share an address. This is problematic for technologies that don't want to share an address.
- Increased network complexity. Because IPv4 depends on NATs, we have an extra layer of complexity, as well as latency. That's no good.
Default Gateway¶
A default gateway is a device (Router, layer 3 switch, etc) that can route traffic in and out of the network (that's to say, it can route data to other networks). The default gateway has a normal local IP address like everyone else on the network (usually it is the first usable address).
In IPv4 a host gets the default gateway's address through DHCP or manual configuration. In IPv6 the router will tell new hosts his address, or you configure it manually. Hosts remember a "default route" to get to the default gateway, since we send a lot of crap over the internet.
On Windows you can use the `netstat -r` command to see the routing table. You can also use `route print` because Windows is ill thought through.
Router's Gonna Route¶
Routers route stuff. They use routing tables to do routing. The routing table contains routes. The routing table stores these sorts of routes:
- Directly-connected networks: These represent network interfaces that have been configured with an IP address themselves. "I know a guy."
- Remote networks: These network route entries are connected to other routers. Routers learn about remote networks either by being explicitly configured by an admin, or by exchanging route information using a dynamic routing protocol. "I know a guy who knows a guy."
- Default route: This gets used when there isn't a better match in the routing table. "I know a guy who may or may not know a guy, we'll have to ask."
Routes are entered into the table manually, or generated automatically. When it's the former we call it static routing, when it's the latter we call it dynamic routing. Some dynamic routing protocols are OSPF (Open Shortest Path First) and EIGRP (Enhanced Interior Gateway Routing Protocol). Dynamic routing protocols do stuff like this:
- Discover remote networks.
- Maintain up-to-date routing information.
- Choose the best path to destination networks.
- Attempt to find a new best path if the current path is no longer available.
Routing Tables¶
We can use the `show ip route` command in EXEC mode to show the routing table. It has an annoying shorthand as follows:
Symbol | Meaning |
---|---|
L | Directly connected local interface IP address. |
C | Directly connected network. |
S | Static route was manually configured by an admin. |
O | Found through OSPF |
D | Found through EIGRP |
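How a router picks between these route types for one destination, as an added example that is not part of the original guide. It uses longest-prefix matching, so the default route only wins when nothing more specific matches; the routing table entries and the `lookup` helper are constructed for illustration.

```python
# Added example: longest-prefix match over a constructed routing table.
import ipaddress

# Route codes from the table above.
CODE_MEANING = {
    "L": "local interface address",
    "C": "directly connected network",
    "S": "static route",
    "O": "learned through OSPF",
    "D": "learned through EIGRP",
}

# (code, prefix, next hop or exit interface) - constructed sample entries.
ROUTES = [
    ("C", "192.168.10.0/24", "GigabitEthernet0/0"),
    ("L", "192.168.10.1/32", "GigabitEthernet0/0"),
    ("S", "10.1.0.0/16", "via 192.168.10.2"),
    ("O", "10.1.5.0/24", "via 192.168.10.3"),
    ("S", "0.0.0.0/0", "via 192.168.10.254"),  # the default route
]


def lookup(destination, routes=ROUTES):
    """Return (code, prefix, next_hop) of the most specific matching route, or None."""
    addr = ipaddress.IPv4Address(destination)
    best = None
    for code, prefix, hop in routes:
        net = ipaddress.IPv4Network(prefix)
        if addr not in net:
            continue
        # More network bits means a more specific route; it beats shorter prefixes.
        if best is None or net.prefixlen > best[1].prefixlen:
            best = (code, net, hop)
    if best is None:
        return None  # no match and no default route: the packet is dropped
    return (best[0], str(best[1]), best[2])


if __name__ == "__main__":
    for dest in ("192.168.10.1", "192.168.10.77", "10.1.5.9", "10.1.9.9", "198.51.100.7"):
        code, prefix, hop = lookup(dest)
        print(f"{dest:15} -> {code} {prefix:18} {hop}  ({CODE_MEANING[code]})")
```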
Address Resolution¶
We got that MAC IP duality of the PDU. See sometimes a PDU acts like instructions for a device that makes waves, and other times it acts like a particle moving through a network graph. When we do the first bit we use the MAC, when we do that other bit it's the IP address.
So Layer 2 gets that `DE:AD:BE:EF` crud and Layer 3 gets that `192.168.10.10` crud.
If we send a packet outside the network, then the MAC address will be the default gateway's MAC address, but the IPv4 will be that of the outside network.
As a PDU makes its way through the internet the Layer 2 MAC address gets swapped around for whoever is forwarding the frame to whoever else, but the Layer 3 IP address remains the same.
In IPv4 we use ARP to look up whose MAC address is whose IP. In IPv6 we use ICMPv6 Neighbor Discovery (ND).
ARP¶
We broadcast an ARP request saying "Who has IPv4 address blah.blah.blah.blah" then the guy with that address sends back his MAC. If the IPv4 address isn't on the network, we get back the MAC address of the default gateway.
An ARP request frame has the following in it:
- Destination MAC address (which is always the broadcast address `FF-FF-FF-FF-FF-FF`)
- Source MAC address
- Type which is always 0x806 meaning it's an ARP frame.
Naturally ARP being a local-only kind of thing, ARP requests don't have IPv4 headers, it's just an Ethernet frame.
An ARP response has this crud in it:
- Destination MAC address, which will be the same as the source address in the request.
- Source MAC address, which is the MAC of the replier
- Type which will always be 0x806 meaning it's an ARP frame.
If nobody replies then tough luck the packet dies. ARP replies are stored in an ARP table, with a timestamp. If you don't use an address for too long since it got that time stamp, it'll expire and you gotta do another ARP request. It's possible to add static entries to the ARP table but don't do that nobody does that anymore.
On CISCO routers `show ip arp` can be used to display the ARP table. On Windows you can use `arp -a` to display the ARP table. In a CISCO ARP table `ff-ff-ff-ff-ff-ff` means something special idk maybe the address is static but they have an indicator so idk.
You can poison ARP to do a MitM attack.
Also if you turn a lot of PCs on at once they might flood the network with ARP requests.
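Because hosts cache whatever an ARP message tells them, the poisoning mentioned above shows up on the wire as an IP address suddenly claiming a different MAC. The following added example (not part of the original guide) parses ARP frames and flags that; the `ArpWatch` class, the frames and the addresses are constructed for illustration, and frames are assumed to be captured without preamble or frame check sequence.

```python
# Added example: passive ARP monitoring over constructed frames.
import ipaddress
import struct

ETHERTYPE_ARP = 0x0806
ARP_FORMAT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sender MAC/IP, target MAC/IP


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp_frame(eth_dst, eth_src, oper, sender_mac, sender_ip, target_mac, target_ip):
    """Build sample input: an Ethernet header followed by an IPv4-over-Ethernet ARP message."""
    eth = struct.pack("!6s6sH", mac_bytes(eth_dst), mac_bytes(eth_src), ETHERTYPE_ARP)
    arp = struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, oper,
                      mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                      mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)
    return eth + arp


def parse_arp_frame(frame):
    """Return the ARP fields as a dict, or None if this is not an Ethernet/IPv4 ARP frame."""
    if len(frame) < 42:
        return None
    _dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = struct.unpack(ARP_FORMAT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"eth_src": mac_str(eth_src), "oper": oper,
            "sender_mac": mac_str(sha), "sender_ip": str(ipaddress.IPv4Address(spa))}


class ArpWatch:
    """Remember the first MAC seen for each IP and report anything that disagrees."""

    def __init__(self):
        self.bindings = {}

    def observe(self, frame):
        alerts = []
        arp = parse_arp_frame(frame)
        if arp is None:
            return alerts
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        if arp["eth_src"] != mac:
            # The Ethernet header and the ARP payload disagree about who is talking.
            alerts.append(("sender-mismatch", ip, arp["eth_src"], mac))
        known = self.bindings.setdefault(ip, mac)
        if known != mac:
            alerts.append(("binding-change", ip, known, mac))
        return alerts


def demo():
    gw, host, other = "02:00:00:00:00:01", "02:00:00:00:00:10", "02:00:00:00:00:66"
    bcast, zero = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
    frames = [
        build_arp_frame(bcast, host, 1, host, "192.168.10.10", zero, "192.168.10.1"),
        build_arp_frame(host, gw, 2, gw, "192.168.10.1", host, "192.168.10.10"),
        build_arp_frame(host, other, 2, other, "192.168.10.1", host, "192.168.10.10"),
        build_arp_frame(host, other, 2, gw, "192.168.10.1", host, "192.168.10.10"),
    ]
    watch = ArpWatch()
    return [watch.observe(f) for f in frames]


if __name__ == "__main__":
    for alerts in demo():
        print(alerts)
```

A binding change is a lead rather than proof: a replaced NIC or a reassigned address produces the same alert.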
IPv6 Neighbor Discovery¶
IPv6 is way more complicated. This helps network administrators feel smart. ND uses five different ICMPv6 messages:
- Neighbor Solicitation
- Neighbor Advertisement
- Router Solicitation
- Router Advertisement
- Redirect Message
Neighbor Solicitation¶
Neighbor Solicitation and Neighbor Advertisement messages are used for address resolution like ARP. It's used router-to-router or host-to-host. These use special multicast addresses that allow the NIC to deal with them sans-OS.
Router Solicitation¶
Router Solicitation and Router Advertisement messages are used for messaging between devices and routers. Typically a router discovery is used for dynamic address allocation and stateless address autoconfiguration (SLAAC).
The fifth ICMPv6 ND message (Redirect Message) is a forbidden jutsu from the dark scroll, which we are not allowed to explain in this course.
IPv6 ND is defined in the IETF RFC 4861.
Basic Router Configuration¶
Initial Setup¶
When you set up a router do this stuff:
- `hostname CoolWizardTower1`: Rename it something cool
- `enable secret PartmarksPonyUPSTape`: Secure privileged mode
- `line console 0; password CorrectHorseBatteryStaple; login`: Secure user mode
- `line vty 0 4; password WrongDonkeyOutletPaperclip; login; transport input { ssh | telnet }`: Secure SSH/Telnet access
- `exit; service password-encryption`: Encrypt passwords in the config file
- `banner motd $Shadows Wizard Money Gang: We love casting spells$`: Do this or the computer will explode.
- `end; copy running-config startup-config`: Save your work
- `no shutdown`: Wasn't in the manual but if you don't then it'll randomly reset when you're testing.
Interface Configuration¶
To configure an interface on a router do something like this:
- `interface G0/0`: select the interface
- `description $Property of The Shadow Government do not touch$`: add a cool description
- `ip address ipv4address subnetmask`: Set up the IPv4 address
- `ipv6 address ipv6-address/prefix-length`: Set up the IPv6 address
- `no shutdown`: turn the interface on or it won't work
Misc Info¶
- `show ip interface brief` to list all sorts of crap
- `show ipv6 interface brief` to list all sorts of modern crap
Setup Default Gateway on a Switch¶
The only reason to give a switch a Layer 3 address is so that you can SSH into it to fix it. So if you have to do that then you do it like this:
- `hostname S1`: set the hostname
- `interface Vlan1`: choose the interface
- `ip address {ipv4 address} {subnet mask}`: set the ip address
- `ip default-gateway {ipv4 address}`: set the default gateway
IPv4 Addressing¶
IPv4 Addresses are split up into the "network portion" and the "host portion". We use a "subnet mask" to delineate between the host portion and the network portion by ANDing the address with the mask, y'know, like a bitmask, because it's a bit mask.
Writing out `255.255.255.0` every time is annoying and I don't want to so instead we can use prefix length, which is what it sounds like.
So instead of `11111111.11111111.11111111.00000000` we can just write `/24` (because it starts with 24 ones).
So now instead of `192.168.10.10 255.255.255.0` we just write `192.168.10.10/24`.
Special Addresses¶
- The network address can be found by ANDing any host address with the subnet mask
- The first usable host is just the network portion + 1
- The last usable host is just the broadcast address - 1
- The broadcast address is the network address but with all 1s in the host portion (instead of all 0s).
Broadcast Trivia¶
- IPv6 doesn't have broadcast packets.
- By default routers do not forward broadcasts.
- A directed broadcast is sent to all the hosts on a specific network. We use the network broadcast address for that.
- A limited broadcast is sent to 255.255.255.255 and goes to whoever. But since routers don't forward broadcasts it's kind of the same as a directed one.
- There's also broadcast groups which are assigned and can be used to send multicast packets so maybe this doesn't belong in broadcast trivia.
Multicast Trivia¶
`224.0.0.0-239.255.255.255` is reserved for multicast
Private Addresses¶
These bad boys are used to play Minecraft with people next to you:
Network Address and Prefix | RFC 1918 Private Address Range |
---|---|
10.0.0.0/8 | 10.0.0.0 - 10.255.255.255 |
172.16.0.0/12 | 172.16.0.0 - 172.31.255.255 |
192.168.0.0/16 | 192.168.0.0 - 192.168.255.255 |
Private addresses were invented by Robret Fredrick Coolguy in 1918 and so we sometimes call them RFC1918 addresses to honour him.
When a private address leaves your private network, it gets translated into a public address. We call that Network Address Translation (NAT).
Public Addresses¶
Public addresses are separated out into blocks, which the Internet Assigned Numbers Authority (IANA) gives out. They give them out regionally, to Regional Internet Registries (RIRs). There are 5 major RIRs:
- ARIN
- AfriNIC
- APNIC
- LACNIC
- RIPE NCC
Link-Local¶
Link-local addresses (169.254.0.0/16 or 169.254.0.1 to 169.254.255.254), also known as Automatic Private IP Addressing (APIPA), are used by Windows hosts to self-configure if they join a network with no DHCP server. To be really funny, assign all of them to the same machine, then turn DHCP off.
Classful Addressing¶
Classful addressing is doo-doo so we don't use it anymore. You still have to memorize a lot of details about it though. See you used to have to call up your ISP and ask for an address, then based off how big of a company you were they would put you into one of these classes.
Class | # Networks Available | # Hosts Per Network |
---|---|---|
Class A | 128 networks | 16,777,214 hosts |
Class B | 16,384 networks | 65,534 hosts |
Class C | 2,097,152 networks | 254 hosts |
Class D & E | Experimental address block used for pentagon black budget Area 51 alien Twitter | $\sqrt{-1}$ hosts |
This system is called "Classful Addressing" because you'll only ever have to deal with it in a networking class.
Subnetting¶
If too many computers are on the same network, they keep broadcasting a lot and it gets too noisy. To fix that we take some of the host bits and use them to delineate different networks. That's called subnetting. Here are other reasons to do it:
- Reduce overall network traffic and improve performance
- Make better security policies
- Reduce devices affected when something breaks
We group subnets up by location, group, or device type. Sometimes all three. Sometimes we just make a big mess of things too.
By Magic Number¶
Uhm umm uhhh. The magic number is the last 1 in binary form thanks for coming to my TED talk. Or maybe it's not that I don't really know.
DMZs¶
Because DMZs need their own public IPv4 address, subnetting them is tricky business. Companies have to use Variable Subnet Length Masking.
Variable Subnet Length Masking¶
We can conserve more addresses if we give each subnet a different subnet mask. This is especially useful for dealing with IPv4 public addresses. Using the same subnet mask everywhere meant all our subnets got the same number of hosts, that's no good. In VSLM we use different length subnets to give each subnet a different number of hosts. Essentially we're subnetting a subnet.
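The special addresses from the IPv4 Addressing section and the "subnetting a subnet" idea above, worked through with plain bit operations. This is an added example, not part of the original guide; the block `192.168.10.0/24`, the subnet names and the host counts are constructed, and subnets are handed out largest first so each one starts on its own boundary.

```python
# Added example: special addresses of a subnet and a variable-length subnet plan.

def to_int(addr):
    a, b, c, d = (int(x) for x in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_str(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_for(prefix):
    """A /24 is 24 one bits followed by 8 zero bits."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def describe(addr, prefix):
    mask = mask_for(prefix)
    network = to_int(addr) & mask                 # AND the address with the mask
    broadcast = network | (mask ^ 0xFFFFFFFF)     # host portion set to all ones
    return {
        "network": f"{to_str(network)}/{prefix}",
        "mask": to_str(mask),
        "first": to_str(network + 1),
        "last": to_str(broadcast - 1),
        "broadcast": to_str(broadcast),
    }


def prefix_for_hosts(hosts):
    """Longest prefix whose subnet still has room for `hosts` usable addresses."""
    host_bits = 2  # a /30 is the smallest subnet with usable hosts
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def vlsm(block, needs):
    """Carve `block` into one subnet per entry of `needs` (name -> host count)."""
    base, prefix = block.split("/")
    mask = mask_for(int(prefix))
    start = to_int(base) & mask
    end = start | (mask ^ 0xFFFFFFFF)
    cursor, plan = start, []
    for name, hosts in sorted(needs.items(), key=lambda item: -item[1]):
        sub_prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - sub_prefix)
        cursor = (cursor + size - 1) & ~(size - 1)  # round up to the subnet boundary
        if cursor + size - 1 > end:
            raise ValueError(f"{block} is too small for {name}")
        plan.append((name, describe(to_str(cursor), sub_prefix)))
        cursor += size
    return plan


if __name__ == "__main__":
    print(describe("192.168.10.10", 24))
    needs = {"floor1": 100, "floor2": 50, "servers": 20, "wan-link": 2}
    for name, info in vlsm("192.168.10.0/24", needs):
        print(name, info)
```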
IPv6¶
Look. Basically I'm just not gonna use IPv6. I know.. UGH I know.. IM SORRY! It's just that I'm not using it is all. Hahahaha.
Need For IPv6¶
Blah blah blah we ran out of addresses blah blah blah 32 bits isn't enough blah blah an address for every grain of sand on the planet. Personally I think we should solve this by reducing the number of devices. Direct connection this blah blah Internet of Things :tm: blah blah blah.
Coexist¶
If a network or network device can use both IPv4 and IPv6 we call it Dual Stack. Because nobody seriously uses IPv6, we often have to tunnel IPv6 packets by encapsulating them in IPv4 stuff. Then, once the packet gets there, we use Network Address Translation 64 (NAT64) to convert the IPv6 address into a real (IPv4) address.
This way we can use IPv6 without actually using it at all, but we can put that we did IPv6 on our network so we seem cool (even though the entire infrastructure is still IPv4 dependent...).
IPv6 Address Format¶
IPv6 is formed of 16-bit segments, which are unironically called hextets. Each "hextet" is written with 4 ASCII characters (y'know in hexadecimal). You've seen this garbage before somewhere it's like `DEAD:BEEF:CAFE:BABE:DEAD:BEEF:CAFE:BABE`. So that's 8 segments of 16 bits.
That's annoying because it's way too long, so we'll try our best to avoid writing addresses out properly, and instead use weird shorthands:
- Omit the leading zeros from hextets: `2001:db8:aaaa:1:0:0:0:a`
- Using a `::` to represent any continuous section of 0s: `2001:db8:aaaa:1::a`
This helps make the addresses more annoying to copy between programs, which overall contributes to the mission statement of IPv6 which is to be annoying.
Unicast, Multicast, Anycast¶
- Unicast is what it was in IPv4
- Multicast is what it was in IPv4
- Anycast some fucked up third thing (outside the scope of this course).
IPv6 does not have broadcast. Instead broadcast is considered a special case of multicast where you address every host.
Subnet Masks¶
We still use the `/` notation, and it means the same thing. Usually we use `/64`, but they can go up to `/128`. You really want to stick to `/64` if you can though, because SLAAC will break if you don't.
Address Types¶
Unique Local Addresses¶
These are like IPv4 private addresses, but with a few differences:
- No one uses them
- Used for local addressing within a site, or between a limited number of sites
- Can be used for devices that will never need to access another network
- They are not translated to a global IPv6 address. In fact they aren't routed.
Global Unicast Address¶
Global Unicast Addresses are like IPv6 public addresses. Currently, IANA (and their lapdog ICANN) are only giving out GUAs with the first three bits of 001 or 2000::/3, which makes up about 1/8th the total space. Because a 4 bit binary number that starts with `001` could only be `0010` (2) or `0011` (3), this means GUAs start with a 2 or a 3. Unless it's some weird research thing, or it's being used in documentation, then it might not.
GUAs have three parts to them:
- Global Routing Prefix (often 48 bits long)
- Subnet ID (often 16 bits long)
- Interface ID (often 64 bits long)
In IPv6 because there's no broadcast address, the all-ones address can be assigned to an interface.
Link-Local Addresses¶
These are used to talk to devices on the same subnet. They cannot be routed beyond the subnet. Also IPv6 nerds call subnets "links", which is confusing and annoying. Every IPv6 network interface MUST have an LLA. IPv6 LLAs are in the fe80::/10 range. They start with these bits `1111 1110 10xx`. Hosts use the LLA of the local router as the default gateway. Devices get their LLAs statically or dynamically, dynamic addresses are generated based off the MAC address.
GUA Configuration¶
On a CISCO router do typing like this
interface gigabitethernet 0/0/0
ipv6 address 2001:db8:acad:1::1/64
no shutdown
exit
interface gigabitethernet 0/0/1
ipv6 address 2001:db8:acad:2::1/64
no shutdown
exit
interface serial 0/1/0
ipv6 address 2001:db8:acad:3::1/64
no shutdown
On Windows go do a GUI thingy
Statically declaring IPv6 GUAs is annoying, so we like to use Stateless Address Autoconfiguration (SLAAC) or Stateful DHCPv6.
Static LLA Configuration¶
Manually configuring LLAs is only really good for making recognizable addresses, which is really just good for routers and stuff like that. To configure it manually on a router do this stuff:
interface gigabitethernet 0/0/0
ipv6 address fe80::1:1 link-local
exit
interface gigabitethernet 0/0/1
ipv6 address fe80::2:1 link-local
exit
interface serial 0/1/0
ipv6 address fe80::3:1 link-local
exit
Verifying¶
You can verify that an LLA is configured properly using:
- `show ipv6 interface brief`
- `show ipv6 route`
- `ping`
RS and RA messages¶
Devices obtain GUAs through ICMPv6. Routers periodically send out ICMPv6 Router Advertisement (RA) messages, every 200 seconds, to all IPv6 enabled devices on the network. Hosts can ask for an RA packet without waiting, by sending a Router Solicitation (RS). By default, CISCO routers do not have IPv6 routing enabled, and you must use `ipv6 unicast-routing` (in global config mode) to enable it.
Router Advertisements contain this stuff:
- Network prefix and prefix length
- Default gateway address LLA
- DNS addresses and domain names
There are three methods for RA messages:
- SLAAC "I have everything you need including the prefix, prefix length, and default gateway address."
- SLAAC with a stateless DHCPv6 server "Here is some information, go ask the DHCP server for other crud like DNS addresses."
- Stateful DHCPv6 (no SLAAC) "Here's the default gateway address. Go get the rest from the DHCP server."
The RA contains important information to generate a GUA, but operating systems can choose to ignore it and do whatever they want.
To generate a GUA we need an interface ID, for that we can use EUI-64 or just make something up.
EUI-64 Process¶
We need to make a 64-bit device identifier out of a 48 bit MAC address. So we do this:
- Separate the MAC into the OUI and the device ID (each are 24 bits long)
- We flip the 7th bit on the OUI
- Then we put `OUI` + `FFFE` + `Device Identifier from the MAC` and that's our IPv6 device identifier
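The three steps above carried through in code, plus the reverse direction, as an added example that is not part of the original guide. The MAC address is constructed, the prefixes are the link-local and documentation prefixes used elsewhere on this page, and the function names are illustrative.

```python
# Added example: building and undoing an EUI-64 interface ID.
import ipaddress


def eui64_interface_id(mac):
    """48-bit MAC -> 64-bit interface ID: flip the 7th bit of the OUI, insert FFFE."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    oui, device = raw[:3], raw[3:]
    # The 7th bit, counted from the most significant bit of the first byte, is mask 0x02.
    flipped_oui = bytes([oui[0] ^ 0x02]) + oui[1:]
    return flipped_oui + b"\xff\xfe" + device


def eui64_address(prefix, mac):
    """Combine a /64 prefix with the EUI-64 interface ID of `mac`."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("the interface ID fills the low 64 bits, so the prefix must be a /64")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def mac_from_address(addr):
    """Return the MAC embedded in an EUI-64 style address, or None if there is none."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in raw)


if __name__ == "__main__":
    mac = "00:1a:2b:3c:4d:5e"  # constructed
    lla = eui64_address("fe80::/64", mac)
    gua = eui64_address("2001:db8:acad:1::/64", mac)
    print(lla)                    # shorthand form
    print(gua.exploded)           # all eight hextets written out
    print(mac_from_address(gua))  # the MAC is recoverable from the address
```

Since the MAC can be read straight back out of the address, an EUI-64 address identifies the same hardware on every network it joins, which is a reason to make the interface ID up instead.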
IPv6 Multicast Addresses¶
- All Nodes: The all nodes address is `ff02::1` and it acts like the broadcast address in IPv4.
- All Routers: The all routers multicast group is `ff02::2`, and it broadcasts to all the routers. Routers add themselves to this multicast group when you run `ipv6 unicast-routing` on them.
- Solicited Nodes: This is like all nodes, except it uses a special Layer 2 MAC address that lets hosts filter the packet at the NIC level (instead of letting the operating system deal with it).
Subnet an IPv6 Network¶
IPv6 was designed with subnetting in mind, so we don't have to borrow bits from the host ID. Instead the IPv6 GUA has a separate subnet ID field. In IPv6 we don't care about conserving addresses. Typically (but not always):
- We have 48 bits for global routing prefix
- We have 16 bits for subnet ID
- We have 64 bits for interface ID
Like that we can support >65K subnets each with 18 quintillion hosts. You also don't have to convert things to decimal to find the next subnet address, you can just count up in hexadecimal.
To configure IPv6 on a Router:
interface gigabitethernet 0/0/0
ipv6 address 2001:db8:acad:1::1/64
no shutdown
exit
interface gigabitethernet 0/0/1
ipv6 address 2001:db8:acad:2::1/64
no shutdown
exit
interface serial 0/1/0
ipv6 address 2001:db8:acad:3::1/64
no shutdown
ICMP¶
ICMP ECHO Message¶
The ICMP ECHO message is sometimes called a ping, because you can send it using the `ping` command. You send an echo request to somebody, and if the admin isn't a nerd, he sends an echo reply.
Destination Unreachable Codes¶
In ICMPv4 we got these ones:
- 0, Net unreachable
- 1, Host unreachable
- 2, Protocol unreachable
- 3, Port unreachable
In ICMPv6 we got these other ones:
- 0, No route to destination
- 1, Communication with destination is administratively prohibited (firewall)
- 2, Beyond scope of the source address
- 3, Address unreachable
- 4, Port unreachable
Time Exceeded¶
If a router gets a packet with a TTL of 0, it throws the packet out, and sends back a TTL Exceeded ICMPv4 message.
ICMPv6 Special Messages¶
ICMPv6 has 4 new message types for something called Neighbor Discovery protocol (NDP).
For messaging between routers and devices we use:
- Router Solicitation (RS) messages (requests an RA from a router)
- Router Advertisement (RA) messages (sent every 200 seconds by routers)
For messaging between two devices, we use:
- Neighbor Solicitation (NS) messages (send a message to your own IP, and see if someone else responds, if they do, that address is already in use)
- Neighbor Advertisement (NA) messages
Stuff To Test With Ping¶
- You can ping `127.0.0.1` to check if IP is installed at all. Don't bother, it is.
- You can ping the default gateway, this lets you know you're at least connected locally.
- You can ping some random remote hosts to make sure that you can access remote hosts. This also lets you know the remote host is working.
That last one should be taken with a grain of salt, because a lot of sysadmins disable ping replies. Azure servers have that disabled by default too, which gave me a lot of near heart attacks at my old job.
Stuff To Test With Traceroute¶
Traceroute or `tracert` can be used to find the Round Trip Time (which is exactly what it sounds like). If your packet has to go home early, he gets a little star next to him. You can set the TTL on a traceroute packet.