Download TCP Ports

Document related concepts

IEEE 1355 wikipedia , lookup

Distributed firewall wikipedia , lookup

Net bias wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

AppleTalk wikipedia , lookup

Airborne Networking wikipedia , lookup

Computer network wikipedia , lookup

Network tap wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Parallel port wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Deep packet inspection wikipedia , lookup

TCP congestion control wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Internet protocol suite wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Transcript
Hands-On Ethical
Hacking and Network
Defense
Chapter 2
TCP/IP Concepts Review
Last modified 3-27-16 - jw
Objectives



Describe the TCP/IP protocol stack
Explain the basic concepts of IP
addressing
Explain the binary, octal, and hexadecimal
numbering system
Overview of TCP/IP

Protocol

Common language used by computers for speaking
to each other.
Overview of TCP/IP

Transmission Control Protocol/Internet Protocol
(TCP/IP)
Most widely used open standard protocol
 The first layered protocol model for internetwork
communications was created by the DoD
(Department of Defense) and DARPA (Defense
Advanced Research Project Agency) in the early
1970s and is often referred to as the DoD model.
 It defines four categories of functions that must
occur for communications to be successful.

TCP/IP stack
Contains four
different layers
Application
Transport
Internet
Network
Overview of TCP/IP
Protocol Data Units and Encapsulation

The encapsulation process.
As application data is passed
down the protocol stack on its
way to be transmitted across the
network media, various protocols
add information to it at each
level.
The form that a piece of data
takes at any layer is called a
Protocol Data Unit (PDU).
During encapsulation, each
succeeding layer encapsulates
the PDU that it receives from the
layer above in accordance with
the protocol being used.
Protocol Data Units and Encapsulation

At each stage of the process, a
PDU has a different name to reflect
its new appearance.
Data - The general term for the
PDU used at the Application
layer
Segment - Transport Layer
PDU
Packet - Internetwork Layer
PDU
Frame - Network Access Layer
PDU
Bits - A PDU used when
physically transmitting data over
the medium
Protocol Data Units and Encapsulation
The Application Layer



Front end to the lower-layer protocols
What you can see and touch – closest to
the user at the keyboard
HTTP, FTP, SMTP, SNMP, SSH, IRC and
Telnet all operate in the Application Layer
The Transport Layer


Encapsulates data into segments
Segments can use TCP or UDP to reach a
destination host
TCP is a connection oriented protocol
 UDP is a connectionless oriented protocol

TCP and UDP
Transmission Control Protocol
(TCP)
 TCP is a connection-oriented
protocol, described in RFC 793.
 TCP incurs additional overhead to
gain functions.
 Additional functions specified by
TCP are the same order delivery,
reliable delivery, and flow control.
 Each TCP segment has 20 bytes
of overhead in the header
encapsulating the Application
layer data,
 Applications that use TCP are:
Web Browsers
E-mail
File Transfers
http://www.uic.rsu.ru/doc/inet/tc
p_stevens/tcp_tran.htm
TCP and UDP
User Datagram Protocol (UDP)
 UDP is a connectionless protocol,
described in RFC 768.
 It providing for low overhead data
delivery.
 The pieces of communication in
UDP are called datagrams.
 each UDP segment only has 8
bytes of overhead.
 These datagrams are sent as
"best effort".
 Applications that use UDP
include:
Domain Name System (DNS)
Video Streaming
Voice over IP (VoIP)
Purpose of the Transport Layer


The Transport layer provides for the
segmentation of data necessary to
reassemble these pieces into the various
communication streams.
Its primary responsibilities to accomplish
this are:
Tracking the individual
communication between applications
on the source and destination hosts
Segmenting data and managing each
piece
Reassembling the segments into
application data
Identifying the different applications
TCP Connection Establishment and Termination

When two hosts communicate using
TCP:
a connection is established
before data can be exchanged.
The host tracks each data
segment within a session and
exchanges information about what
data is received.
After the communication is
completed, the sessions are
closed and the connection is
terminated.
TCP Connection Establishment and Termination
To establish the connection, the hosts
perform a three-way handshake.
Establishes that the destination
device is present on the network
Verifies that the destination
device has an active service and
is accepting requests on the
destination port number that the
initiating client intends to use for
the session
Informs the destination device
that the source client intends to
establish a communication
session on that port number
TCP three-way handshake
Computer A
sends a SYN
packet
 Computer B
replies with a
SYN-ACK packet
 Computer A
replies with an
ACK packet

TCP Header Format
0
1
2
3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Source Port
|
Destination Port
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Sequence Number
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Acknowledgment Number
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data |
|U|A|P|R|S|F|
|
| Offset| Reserved |R|C|S|S|Y|I|
Window
|
|
|
|G|K|H|T|N|N|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Checksum
|
Urgent Pointer
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Options
|
Padding
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
data
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
http://freesoft.org/CIE/RFC/793/19.htm
TCP Segment Headers

Critical components:
TCP flags
 Initial Sequence Number (ISN)
 Source and destination port


Abused by hackers finding vulnerabilities
TCP Flags


Within the TCP segment header, there are
six 1-bit fields that contain control
information used to manage the TCP
processes.
Six flags
URG - Urgent pointer field significant
 ACK - Acknowledgement field significant
 PSH - Push function
 RST - Reset the connection
 SYN - Synchronize sequence numbers
 FIN - Finish Flag - No more data from sender


Flag can be set to 0 (off) or 1 (on)
TCP Flags

Six flags mnemonic
Unskilled - URG
 Attackers - ACK
 Pester - PSH
 Real - RST
 Security - SYN
 Folks – FIN


Knowledge of the flags is useful for
analyzing performance and port scanning
techniques.
Initial Sequence Number (ISN)




32-bit number
Tracks packets received
Enables reassembly of large packets
Sent on steps 1 and 2 of the TCP threeway handshake
By guessing ISN values, a hacker can hijack a
TCP session, gaining access to a server
without logging in
http://en.wikipedia.org/wiki/TCP_sequence_pre
diction_attack

Initial Sequence Number (ISN)
cont’d




The ISN represents the starting value for
the bytes that will be transmitted to the
receiving application.
As data is transmitted, the sequence
number is incremented by the number of
bytes that have been transmitted.
This enables each segment to be uniquely
identified and acknowledged.
Missing segments can be identified.


Port Addressing: Identifying the Conversations
The TCP and UDP based services keep track of the
various applications that are communicating. Both
TCP and UDP have header fields that can uniquely
identify these applications.
These unique identifiers are the port numbers.
In the header of each segment or datagram, there is a
source and destination port.
The source port number is the number for this
communication associated with the originating
application on the local host.
The destination port number is the number for this
communication associated with the destination
application on the remote host.
Port Addressing: Identifying the Conversations

Port numbers are
assigned in various ways,
depending on whether the
message is a request or a
response.
While server
processes have static
port numbers assigned
to them, clients
dynamically choose a
port number for each
conversation.
1028
Client
23
23
Server
1028
Client
Server
Notice the difference in how source and destination port numbers
are used with clients and servers:
Client (initiating Telnet service):
 Destination Port = 23 (telnet)
 Source Port = 1028 (dynamically assigned)
Server (responding to Telnet service):
 Destination Port = 1028 (source port of client)
 Source Port = 23 (telnet)
TCP Ports

Port
Logical, not physical, component of a TCP
connection
 Identifies the service that is running
 Example: HTTP uses port 80



A 16-bit number – 65,536 ports
Each TCP packet has a source and
destination port
The IANA assigns port numbers

Port numbers are assigned in
various ways, based on three
ranges:




System Ports (0-1023)
User Ports (1024-49151)
Dynamic and/or Private Ports (4915265535)
http://www.iana.org/assignments/se
rvice-names-port-numbers/servicenames-port-numbers.xhtml
The IANA assigns port numbers

Well Known Ports (Numbers 0 to
1023) - These numbers are
reserved for services and
applications.
HTTP
(web server) - 80
POP3/SMTP (e-mail server) – 110/25
Telnet – 23
The IANA assigns port numbers

Registered Ports (Numbers 1024 to
49151) - These port numbers are
assigned to user processes or
applications.
These
processes are primarily
individual applications that a user has
chosen to install.
When not used for a server resource,
these ports may also be used
dynamically selected by a client as its
source port.
The IANA assigns port numbers

Dynamic or Private Ports (Numbers
49152 to 65535) - Also known as
Ephemeral Ports, these are usually
assigned dynamically to client
applications when initiating a
connection.
It
is not very common for a client to
connect to a service using a Dynamic
or Private Port.
The IANA assigns port numbers

Using both TCP and UDP
Some
applications may use both TCP
and UDP.


For example, the low overhead of UDP
enables DNS to serve many client requests
very quickly.
Sometimes, however, sending the
requested information may require the
reliability of TCP.
Blocking Ports

Helps you stop or disable services that are not
needed


Open ports are an invitation for an attack
You can’t block all incoming and outgoing ports
That would stop all networking
 Example - Incoming ports 25 and 80 are usually
open on a servers, so mail serves can receive
messages and serve Web pages

Port numbers and Applications

Knowing port numbers is essential to quickly
determining applications
TCP Ports (continued)

Ports 20 and 21
File Transfer Protocol (FTP)
 Use for sharing files over the Internet
 Requires a logon name and password
 More secure than Trivial File Transfer
Protocol (TFTP) but FTP is still clear text
transmission

TCP Ports (continued)

Port 23
Telnet
 Older TCP/IP protocol for text-based
communication
 Used commonly to configure network devices

TCP Ports (continued)

Port 25
Simple Mail Transfer Protocol (SMTP)
 E-mail servers listen on this port

TCP Ports (continued)

Port 53
Domain Name Service (DNS)
 Helps users connect to Web sites using URLs
instead of IP addresses

TCP Ports (continued)

Port 69
Trivial File Transfer Protocol
 Used for transferring configurations

TCP Ports (continued)

Port 80
Hypertext Transfer Protocol (HTTP)
 Used when connecting to a Web server


Port 110
Post Office Protocol 3 (POP3)
 Used for retrieving e-mail

TCP Ports (continued)

Port 119
Network News Transfer Protocol
 For use with newsgroups


Port 123

The Network Time Protocol (NTP) is used to
synchronize the clocks of computer systems
data networks.
TCP Ports (continued)

Port 135
Remote Procedure Call (RPC)
 Critical for the operation of Microsoft
Exchange Server and Active Directory


Port 139
NetBIOS
 Used by Microsoft’s NetBIOS Session
Service
 File and printer sharing

TCP Ports (continued)

Port 143
Internet Message Access Protocol 4 (IMAP4)
 Used for retrieving e-mail
 More features than POP3


Port 443
Hypertext Transfer Protocol Secure (HTTPS)
 Used for secure communications to a Web
server

45
TCP Ports (continued)

Port 3389
Remote Desktop Protocol (RDP)
 Proprietary protocol developed by Microsoft, which
provides a user with a graphical interface to
connect to another computer over a network
connection. The user employs RDPclient software
for this purpose, while the other computer must
run RDPserver software.

46
Demonstration


Use telnet to establish connections
Use netstat to see the connections
Port 23 (usually Telnet)
 Port 25 SMTP (blocked on COD campus???)
 Port 21 FTP (blocked on COD campus???)

Demonstration
Demonstration
Demonstration

Wireshark Packet Sniffer
TCP Handshake: SYN, SYN/ACK, ACK
 TCP
Ports
 TCP
Status
Flags

User Datagram Protocol
(UDP)





Fast but unreliable protocol
Operates on transport layer
Does not need to verify whether the
receiver is listening
Relies on higher layers of the TCP/IP stack
to handle reliability problems
Connectionless protocol
The Internet Layer



Responsible for routing packets to their
destination address
Uses a logical address, called an IP
address
IP addressing packet delivery is
connectionless
Internet Control Message
Protocol (ICMP)




Operates in the Internet layer of the
TCP/IP stack
Used to send messages related to network
operations
Helps in troubleshooting a network
Some commands include
Ping
 Traceroute

ICMP Type Codes
Ping – A TCP/IP Application

PING (Packet Internet Groper) is a diagnostic
utility used to determine whether a computer is
properly connected to devices/Internet.
Traceroute – A TCP/IP Application


Traceroute is a program that is available on many
systems, and is similar to PING, except that
traceroute provides more information than PING.
Traceroute traces the path a packet takes to a
destination, and is used to debug routing problems.
For more information on Ping
Read the book: The
Story About Ping by
Marjorie Flack, Kurt
Wiese
See a Amazon.com
customer review on next
slide – very funny!
Review of Story of Ping on Amazon.com
8271 of 8518 people found the following review helpful:
Ping! I love that duck!, January 25, 2000
Reviewer: John E. Fracisco (El Segundo, CA USA)
Using deft allegory, the authors have provided an insightful and intuitive explanation of one of Unix's most
venerable networking utilities. Even more stunning is that they were clearly working with a very early beta
of the program, as their book first appeared in 1933, years (decades!) before the operating system and
network infrastructure were finalized.
The book describes networking in terms even a child could understand, choosing to anthropomorphize the
underlying packet structure. The ping packet is described as a duck, who, with other packets (more ducks),
spends a certain period of time on the host machine (the wise-eyed boat). At the same time each day (I
suspect this is scheduled under cron), the little packets (ducks) exit the host (boat) by way of a bridge (a
bridge). From the bridge, the packets travel onto the internet (here embodied by the Yangtze River).
The title character -- er, packet, is called Ping. Ping meanders around the river before being received by another
host (another boat). He spends a brief time on the other boat, but eventually returns to his original host
machine (the wise-eyed boat) somewhat the worse for wear.
If you need a good, high-level overview of the ping utility, this is the book. I can't recommend it for most
managers, as the technical aspects may be too overwhelming and the basic concepts too daunting.
Problems With This Book
As good as it is, The Story About Ping is not without its faults. There is no index, and though the ping(8) man
pages cover the command line options well enough, some review of them seems to be in order. Likewise, in
a book solely about Ping, I would have expected a more detailed overview of the ICMP packet structure.
But even with these problems, The Story About Ping has earned a place on my bookshelf, right between
Stevens' Advanced Programming in the Unix Environment, and my dog-eared copy of Dante's seminal
work on MS Windows, Inferno. Who can read that passage on the Windows API ("Obscure, profound it
was, and nebulous, So that by fixing on its depths my sight -- Nothing whatever I discerned therein."),
without shaking their head with deep understanding. But I digress. --This text refers to the School & Library
Binding edition.
Wireshark Capture of a PING
59
Overview of Numbering
Systems



Binary
Octal
Hexadecimal
60
Reviewing the Binary
Numbering System



Uses the number 2 as its base
Binary digits (bits): 0 and 1
Byte
Group of 8 bits
 Can represent 28 = 256 different values

61
UNIX and Linux Permissions

UNIX and Linux File permissions are
represented with bits
0 means removing the permission
 1 means granting the permission
 111 (rwx) means all permissions apply

Examples of Determining
Binary Values

Each position represents a power of 2
value


Usually the bit on the right is the less
significant bit
Converting 1011 to decimal
1 x 20 = 1
 1 x 21 = 2
 0 x 22 = 0
 1 x 23 = 8


1 + 2 + 8 = 11 (decimal value)
63
Understanding Nibbles


Half a byte or four bits
Helps with reading the number by
separating the byte


1111 1010
Components
High-order nibble (left side)
 Low-order nibble (right side)

64
Understanding Nibbles
(continued)

Converting 1010 1010 to decimal

Low-order nibble


Multiply high-order nibble by 16


1010 = 10 (base 10)
1010 = 10 x 16 = 160 (base 10)
160 + 10 = 170 (base 10)
65
Reviewing the Octal
Numbering System

Uses 8 as its base




Supports digits from 0 to 7
Octal digits can be represented with three bits
Linux and Unix Permissions
Owner permissions (rwx)
R – Read
Group permissions (rwx)
 Other permissions (rwx)
 ___
___
___
 Owner
Group Everyone

W – Write
X – Execute
66
Reviewing the Octal
Numbering System

Example Permissions on Linux and UNIX
Owner permissions (rwx)
 Group permissions (r-x)
 Other permissions (--x)
 Example: 111 101 001


Octal representation 751
Mac-mini:temp student$ ls -al test.txt
-rwxr-x--x@ 1 student staff 29 Oct 25 12:32 test.txt
Mac-mini:temp student$
67
Reviewing the Octal
Numbering System
Examples:
Mac-mini:temp student$ ls –al test*.txt
-rwxr-x--x 1 student staff 29 Oct 25 12:32 test.txt
-r-xr-x--- 1 student staff 29 Oct 25 12:32 test1.txt
-rwxr-xr-- 1 student staff 29 Oct 25 12:32 test2.txt
-rw-r--r-- 1 student staff 29 Oct 25 12:32 test3.txt
Mac-mini:temp student$
68
Reviewing the Hexadecimal
Numbering System

Uses 16 as its base
 Support

numbers from 0 to 15
Hex number consists of two characters
 Each
character represents a nibble
 Value contains alphabetic letters (A … F)
A

representing 10 and F representing 15
Sometimes expressed with “0x” in front
69
Warriors of the Net


Network+ Movie
http://www.warriorsofthe.net/
IP Addressing

Consists of four bytes, like 172.16.122.204

Two components
Network address
 Host address


Neither portion may be all 1s or all 0s
IP Addressing

Legacy Classes of IP Addresses
Class A
 Class B
 Class C
 Class D

http://en.wikipedia.org/wiki/Classful_network
IP Addressing (continued)

Class A
First byte is reserved for network address
 Last three bytes are for host address
 Supports more than 16 million host computers
 Limited number of Class A networks
 Reserved for large corporations and
governments
 Format: network.node.node.node
 https://en.wikipedia.org/wiki/List_of_assigned_/8
_IPv4_address_blocks

IP Addressing (continued)

Class B
First two bytes are reserved for network
address
 Last two bytes are for host address
 Supports more than 65,000 host computers
 Assigned to large corporations and Internet
Service Providers (ISPs)
 Format: network.network.node.node

IP Addressing (continued)

Class C
First three bytes are reserved for network
address
 Last byte is for host address
 Supports up to 254 host computers
 Usually available for small business and home
networks
 Format: network.network.network.node

IP Addressing (continued)

Class D
Address reserved for Multicast Traffic (one-tomany communication)
 Commonly used for multimedia content delivery
and routing protocols
 Address Range: 224.0.0.0 to 239.255.255.255

IP Addressing (continued)

Subnetting



Class A uses a subnet mask of 255.0.0.0


Also called /8
Class B uses a subnet mask of 255.255.0.0


Each network can be assigned a subnet mask
Helps identify the network address bits from the host
address bits
Also called /16
Class C uses a subnet mask of 255.255.255.0

Also called /24
Planning IP Address
Assignments



Each network segment must have a
unique network address
Address cannot contain all 0s or all 1s
To access computers on other networks

Each computer needs IP address of gateway
Planning IP Address
Assignments

TCP/IP uses subnet mask to determine if
the destination computer is on the same
network or a different network
If destination is on a different network, it
relays packet to gateway
 Gateway forwards packet to its next
destination (routing)
 Packet eventually reaches destination

79
Public and Private Addresses

Public Addresses
The majority of the addresses are public
addresses.
These addresses are designed to be used in
the hosts that are publicly accessible from the
Internet.
Public and Private Addresses

Private addresses
There are private blocks of addresses for internal use.
 10.0.0.0 to 10.255.255.255 (10.0.0.0 /8)
 172.16.0.0 to 172.31.255.255 (172.16.0.0 /12)
 192.168.0.0 to 192.168.255.255 (192.168.0.0 /16)
Hosts in different networks may use the same private
addresses.
The hosts in the private networks use IP addresses that are
unique within their networking environment.
The router or firewall device at the perimeter of these
private networks must block or translate these addresses.
Public and Private Addresses

Network Address Translation (NAT)
With services to translate private addresses to
public addresses, hosts on a privately addressed
network can have access to resources across the
Internet.
The NAT can be implemented at the edge of the
private network.
NAT allows the hosts in the network to "borrow" a
public address for communicating to outside
networks.
Special IPv4 Addresses

There are certain addresses that cannot
be assigned to hosts.
 Loopback
 Network
and Broadcast
 Default Routes

There are special addresses that can be
assigned to hosts but with restrictions.
Special IPv4 Addresses

Loopback
The loopback address 127.0.0.1.
You can ping the loopback address to test
the configuration of TCP/IP on the local host.
This also cover all addresses in 127.0.0.0 to
127.255.255.255.
Special IPv4 Addresses

Network and Broadcast Addresses
Within each network the first (network)
address and last (broadcast) addresses
cannot be assigned to hosts.
Special IPv4 Addresses

Default Route
The default route as 0.0.0.0.
The default route is used when a specific
route is not available.
This also covers all addresses in the 0.0.0.0
- 0.255.255.255.
Special IPv4 Addresses

Link-Local Addresses (APIPA)
The address block 169.254.0.0 to
169.254.255.255 (169.254.0.0 /16) are
designated as link-local addresses.
These might be used in a small peer-to-peer
network or for a host that could not
automatically obtain an address from a
DHCP server.
A host must not send a packet with link-local
destination address to any router for
forwarding.
Special IPv4 Addresses

TEST-NET Addresses
The address block 192.0.2.0 to
192.0.2.255 (192.0.2.0 /24) is set aside
for teaching and learning purposes.
These addresses can be used in
documentation and network examples.
 network devices will accept these
addresses in their configurations.
You may often find these addresses
used with the domain names
example.com or example.net in RFCs,
vendor, and protocol documentation.
Addresses within this block should not
appear on the Internet.
IPv4 In-Class Exercises
To the Internet
Good Network
Network:
192.168.1.0
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.102
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
Duplicate IP Address
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.101
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
IP Address Outside Subnet
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.2.102
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
Wrong Subnet Mask
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.130
192.168.1.103
255.255.255.0
255.255.255.128
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
Wrong Subnet Mask
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.102
192.168.1.103
255.255.255.0
255.255.128.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
To the Internet
Wrong Default
Gateway
IP Address
A
Subnet Mask
Network:
192.168.1.0
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.102
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.101
192.168.1.1
IPv6 Exercise
Site 1
2001:DB8:0001:0001::/64
2001:DB8:0001:0002::/64
ISP
2001:DB8:0001::/48
Site 2
Only
Announces
the /32 Prefix
2001:DB8::/32
2001:DB8:0002:0001::/64
IPv6 Internet
2001:DB8:0002:0002::/64
2000::/3
2001:DB8:0002::/48
What is wrong?
BREAK
IPv6 Next!