Slide #1.

CIS 81 Fundamentals of Networking Chapter 7: Transport Layer Part 1 of 2 CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College [email protected] Fall 2013
More slides like this


Slide #2.

Chapter 7: Objectives Part 1 Describe the purpose of the transport layer in managing the transportation of data in end-to-end communication. Describe characteristics of the TCP and UDP protocols, including port numbers and their uses. Part 2 Explain how TCP session establishment and termination processes facilitate reliable communication. Explain how TCP protocol data units are transmitted and acknowledged to guarantee delivery. Explain the UDP client processes to establish communication with a server. Determine whether high-reliability TCP transmissions, or nonguaranteed UDP transmissions, are best suited for common applications. 2
More slides like this


Slide #3.

The Transport Layer
More slides like this


Slide #4.

Encapsulation DATA SEGMENT DATA S.P / D.P. / S.N. / Ack # / … DATA (SEGMENT) PACKET IPv / HLEN / Flag / S. IP / D. IP / … Frame Header DATA (PACKET) FRAME Trailer 111010110101011100001001011010101010010101010101101101010001010101010110101010 4
More slides like this


Slide #5.

Reminder of encapsulation/decapsulation IP Header Data Link Header IP Packet Data Link Trailer Data Link Header IP Packet Data Link Trailer Data Link Header IP Packet Data Link Trailer Data Link Header IP Header TCP Header TCP Header HTTP Header Data Link Trailer Data Link Header HTTP Header Data Data Data Link Trailer 5
More slides like this


Slide #6.

Focus on Transport Layer TCP TCP 6
More slides like this


Slide #7.

Role of the Transport Layer TCP UDP  The Transport Layer is responsible for establishing a temporary communication session between two applications and delivering data between them.  It regulates the flow of information from source to destination, reliably and accurately. 7
More slides like this


Slide #8.

Transport Layer Responsibility www.cisco.com TCP Segment TCP Segment TCP Segment TCP Segment 1. Tracking the individual communication between applications on the source and destination hosts 2. Segmenting data for manageability and reassembling segmented data into streams of application data at the destination 3. Identifying the proper application for each communication stream 8
More slides like this


Slide #9.

 What two protocols are at the Transport Layer?  TCP  UDP  IP is a best-effort delivery service. What does that mean?  No guarantees  Best-effort service  “Unreliable service”  TCP/UDP is responsible for extending IP’s delivery service between two end systems. 9
More slides like this


Slide #10.

Tracking Individual Conversations  Any host on a network can have multiple applications that are communicating simultaneously.  It is the responsibility of the Transport layer to maintain the multiple communication streams between these applications. 10
More slides like this


Slide #11.

HTTP HTTP SMTP FTP Cabrillo Web Server TCP TCP TCP TCP TCP TCP ISP’s Email and FTP Server TCP TCP  A single client may have multiple transport connections with multiple servers.  Notice that TCP is a connection-oriented service (two-way arrow) between the hosts, whereas UDP is a connectionless service (one-way arrow) . (later) 11
More slides like this


Slide #12.

Identifying the Application 12
More slides like this


Slide #13.

UDP Header TCP Header 0 15 16 16-bit Source Port Number 31 16-bit Destination Port Number 32-bit Sequence Number 32 bit Acknowledgement Number 4-bit Header Length 6-bit (Reserved) U A P R S F R C S S Y I G K H T N N 16-bit TCP Checksum 16-bit Window Size HTTP is Port 80 16-bit Urgent Pointer Options (if any) Data (if any)  The transport layer assigns each application an identifier called a port number.  The transport layer uses ports to identify the application or service. 13
More slides like this


Slide #14.

segment segment  To pass data streams to the proper applications, the Transport layer must identify the target application.  Accomplished by referencing the port number in the header.  Each software process that needs to access the network is assigned a port number unique in that host.  This port number is used in the transport layer header to indicate to which application that piece of data is associated.  More later! 14
More slides like this


Slide #15.

Segmenting and Reassembling Segments  Some transport layer protocols can also reassemble the data pieces into streams to be passed to the application layer. 15
More slides like this


Slide #16.

Acronym Alert Transport Layer Protocols  TCP/IP uses two transport layer protocols:  Transmission Control Protocol (TCP)  User Datagram Protocol (UDP) 16
More slides like this


Slide #17.

TCP versus UDP TCP UDP  Two protocols for different types of traffic. 17
More slides like this


Slide #18.

TCP Header 0 15 16 16-bit Source Port Number 31 UDP Header 16-bit Destination Port Number 32-bit Sequence Number 32 bit Acknowledgement Number 4-bit Header Length 6-bit (Reserved) U A P R S F R C S S Y I G K H T N N 16-bit TCP Checksum 16-bit Window Size 16-bit Urgent Pointer Options (if any) Data (if any)  TCP is a more complex protocol. 18
More slides like this


Slide #19.

TCP Segment and UDP Datagram 19
More slides like this


Slide #20.

TCP Jon Postel made many significant contributions to the development of the Internet, particularly in the area of standards. He is principally known for being the editor of the (1943 – 1998) Request for Comment (RFC) document series, and for serving as the Internet Assigned Numbers Authority (IANA) until his death.  TCP is considered a reliable transport protocol.  Introduced in RFC 793.  It includes processes to ensure reliable delivery between.  Analogous to sending packages using FedEx.  With TCP, the three basic operations of reliability are:  Tracking transmitted data segments  Acknowledging received data 20  Retransmitting any unacknowledged data
More slides like this


Slide #21.

TCP  The user uses FTP to upload a file to an FTP server. 21
More slides like this


Slide #22.

UDP 0 15 16 31 16-bit Source Port Number 16-bit Destination Port Number 16-bit UDP Length 16-bit UDP Checksum Data (if any)  Providing the reliability functions of TCP also adds additional overhead.  UDP provides just the basic functions for delivering data segments between the appropriate applications, with very little overhead and data checking.  It is known as a best-effort delivery protocol.  Analogous to sending a regular, non-registered, letter in the mail. 22
More slides like this


Slide #23.

UDP  The user uses TFTP to upload a file to a TFTP server. 23
More slides like this


Slide #24.

TCP
More slides like this


Slide #25.

0 15 16 16-bit Source Port Number 31 TCP Services 16-bit Destination Port Number 32-bit Sequence Number 32 bit Acknowledgement Number 4-bit Header Length 6-bit (Reserved) U A P R S F R C S S Y I G K H T N N 16-bit TCP Checksum 16-bit Window Size 16-bit Urgent Pointer Options (if any) Data (if any)  TCP provides reliable delivery on top of unreliable IP  In addition to supporting the basic functions of data segmentation and reassembly, TCP also provides:       Reliable delivery Error checking Flow control Congestion control Ordered delivery Connection establishment 25
More slides like this


Slide #26.

Transmission Control Protocol (TCP) HTTP FTP SMTP  Connection-oriented protocol, described in RFC 793.  TCP incurs additional overhead to gain functions.  Each TCP segment adds a 20 byte header to the Application layer data.  Applications that use TCP include:  Web Browsers  E-mail  File Transfers  The TCP PDU is called a segment. 26
More slides like this


Slide #27.

Segmenting Data Application Data (100,000 bytes) 1-1000 TCP 1-1000 1001-2000 2001-3000 3001-4000 4001-5000 … TCP Segment  TCP encapsulates data into multiple segments.  Segments are required to make network communication efficient.  The segments header contain:  Source port number to help keep track of individual conversations.  Destination port number to enable a receiving host to forward the data to the appropriate application.  Sequence numbers help segmenting and reassembling segments.  Window size to help with flow control.  Error checking mechanisms. 27
More slides like this


Slide #28.

Reassembling Segments 0 15 16 16-bit Source Port Number 31 16-bit Destination Port Number 32-bit Sequence Number 32 bit Acknowledgement Number 4-bit Header Length 6-bit (Reserved) U A P R S F R C S S Y I G K H T N N 16-bit TCP Checksum 16-bit Window Size 16-bit Urgent Pointer Options (if any) Data (if any)  At the receiving host, each segment is examined and reconstructed into a complete data stream using the sequence numbers.  Missing segments can be requested from the source.  It is then directed to the appropriate application identified in the segment header. 28
More slides like this


Slide #29.

Same Order Delivery  Segments can arrive out-of-order but are reorganized using sequence numbers. Having taken different routes to the destination, the segments arrive out of order. NOTE: •Establishing a Session, Reliable Delivery, and Flow Control will be discussed 29 later.
More slides like this


Slide #30.

TCP Header 30
More slides like this


Slide #31.

Source Port (16) Destination Port (16) Sample TCP Segment Capture Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Checksum (16) Window (16) Urgent (16) Options Application Layer Data 31
More slides like this


Slide #32.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Checksum (16) Window (16) Urgent (16) Options Application Layer Data Source SourcePort Port(16 (16bits) bits) –– –– Number Numberofofthe thecalling callingport. port. Dynamically Dynamicallyassigned assignedto tothe thesending sendinghost. host. –– –– Number Numberranges rangesfrom from1024 1024toto65,535. 65,535. The Thesource sourceport portmakes makesititpossible possibletotohave havemultiple multiple sessions of FTP running simultaneously. sessions of FTP running simultaneously. 32
More slides like this


Slide #33.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Checksum (16) Window (16) Urgent (16) Options Application Layer Data Destination DestinationPort Port(16 (16bits) bits) –– –– –– –– Number Numberofofthe thecalled calledport. port. Sending Sendinghost hostusually usuallyselects selectsaanumber numberbetween between11and and 1023. 1023. End Endsystems systemsuse usethe thesame sameport portnumbers numbersto toselect selectthe the proper application. proper application. E.g., E.g.,when whentelnetting, telnetting,Telnet Telneton onthe thesource source(port (port23) 23)isis talking talkingtotoTelnet Telneton onthe thedestination destination(port (port23). 23). 33
More slides like this


Slide #34.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Window (16) Checksum (16) Urgent (16) Options Application Layer Data Sequence SequenceNumber Number(32 (32bits) bits) –– –– Used Usedtotoestablish establishreliability. reliability. Number Numberensures ensurescorrect correct sequencing sequencingofofarriving arrivingdata. data. –– Identifies Identifiesthe theposition positionininthe the sender’s byte stream of data. sender’s byte stream of data. 34
More slides like this


Slide #35.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Window (16) Checksum (16) Urgent (16) Options Application Layer Data Acknowledgement AcknowledgementNumber Number(32 (32bits) bits) –– –– Used Usedtotoestablish establishreliability. reliability. Next Nextexpected expectedTCP TCPoctet. octet. 35
More slides like this


Slide #36.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Checksum (16) Window (16) Urgent (16) Options Application Layer Data Header HeaderLength Length(4 (4bits) bits) –– –– Known Knownas asʺʺdata dataoffset offsetʺʺ. . Indicates Indicatesthe thelength lengthofofthe theTCP TCPsegment segmentheader. header. 36
More slides like this


Slide #37.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Window (16) Checksum (16) Urgent (16) Options Application Layer Data Control ControlBits Bits(Flags) (Flags)(6 (6bits) bits) –– Includes Includesbit bitcodes, codes,or orflags, flags,that thatindicate indicatethe thepurpose purposeand and function functionofofthe theTCP TCPsegment. segment. 37
More slides like this


Slide #38.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Window (16) Checksum (16) Urgent (16) Options Application Layer Data Window Window(16 (16bits) bits) –– Number Numberofofoctets octetsthat thatthe thereceiver receiver isiswilling willingto toaccept. accept. –– This Thisnumber numbercan canbe beadjusted adjustedwhile while data is being transmitted. data is being transmitted. 38
More slides like this


Slide #39.

Source Port (16) Destination Port (16) Sequence Number (32) Acknowledgement Number (32) Header Length (4) Reserved (6) Control Bits (6) Window (16) Checksum (16) Urgent (16) Options Application Layer Data Checksum Checksum(16 (16bits) bits) –– Calculated Calculatedchecksum checksumofofthe theheader headerand anddata data fields. fields. 39
More slides like this


Slide #40.

Port Numbers
More slides like this


Slide #41.

UDP Header TCP Header 0 15 16 16-bit Source Port Number 31 16-bit Destination Port Number 32-bit Sequence Number 32 bit Acknowledgement Number 4-bit Header Length 6-bit (Reserved) U A P R S F R C S S Y I G K H T N N 16-bit TCP Checksum 16-bit Window Size HTTP is Port 80 16-bit Urgent Pointer Options (if any) Data (if any)  Both TCP and UDP use ports (or sockets) numbers to pass information to the upper layers. 41
More slides like this


Slide #42.

The application this TCP segment came from. The application this TCP segment is going to. The application this TCP segment came from. The application this TCP segment is going to. 42
More slides like this


Slide #43.

Port numbers are used to by the sender to tell the receiver which network application it should use for the “Data”. Port numbers are used by the receiver so it knows which application it should send the “Data” to. Application Header + data Port Number Port Number Application Header + data 43
More slides like this


Slide #44.

http://www.iana.org/assignments/port-numbers  TBA  The Internet Assigned Numbers Authority (IANA) assigns port numbers. 44
More slides like this


Slide #45.

Well Known or Registered Port Number  Well Known Ports (Numbers 0 to 1023)  Reserved for common services and applications  Client: TCP destination port  Server: TCP source port Well Known or Registered Port Number 45
More slides like this


Slide #46.

Well Known or Registered Port Number  Registered Ports (Numbers 1024 to 49151)  Assigned to user processes or applications.  Non-common applications.  Client: TCP destination port  Server: TCP source port  May also be used as dynamic or private port (next). Well Known or Registered Port Number 46
More slides like this


Slide #47.

Private/Dynamic Port Number Well Known or Registered Port Number Well Known or Registered Port Number Private/Dynamic Port Number  Dynamic or Private Ports (Numbers 49152 to 65535)  Also known as Ephemeral Ports  Usually assigned dynamically to client applications when initiating a connection.  Client: TCP source port  Server: TCP destination port  May also include the range of Registered Ports (Numbers 1024 to 49151) 47
More slides like this


Slide #48.

Client Server Telnet 48
More slides like this


Slide #49.

Client TCP Header 15 16 0 1028 16-bit Source Port Number 31 16-bit Destination Port Number 23 32-bit Sequence Number 32 bit Acknowledgement Number 4-bit Header Length 6-bit (Reserved) U A P R S F R C S S Y I G K H T N N 16-bit TCP Checksum 16-bit Window Size 16-bit Urgent Pointer Options (if any) Data for Telnet Data (if any) Client  Client sends TCP segment with:  Destination Port: 23 (Well known port number)  Source Port: 1028 (Dynamic Port assigned by client) Server 49
More slides like this


Slide #50.

Server TCP Header 15 16 0 23 16-bit Source Port Number 31 16-bit Destination Port Number 1028 32-bit Sequence Number 32 bit Acknowledgement Number 4-bit Header Length 6-bit (Reserved) U A P R S F R C S S Y I G K H T N N 16-bit TCP Checksum 16-bit Window Size 16-bit Urgent Pointer Options (if any) Data for Telnet Data (if any) Client  Server responds with TCP segment with:  Destination Port: 1028 (Dynamic Port assigned by client)  Source Port: 23 (Well known port number) Server 50
More slides like this


Slide #51.

Notice the difference in how source and destination port numbers are used with clients and servers: Client (initiating Telnet service):  Destination Port = 23 (telnet)  Source Port = 1028 (dynamically assigned) Server (responding to Telnet service):  Destination Port = 1028 (source port of client)  Source Port = 23 (telnet) 51
More slides like this


Slide #52.

49888 49890  Same client to same server - Two different HTTP sessions  Client: Same destination port  Client: Different source ports to uniquely identify this web session. 52
More slides like this


Slide #53.

49888 49890 C:\Users\rigrazia>netstat -n Active Connections TCP or UDP Proto TCP TCP Source Port Local Address 192.168.1.101:49888 192.168.1.101:49890 C:\Users\rigrazia> Destination Port Foreign Address 198.133.219.25:80 198.133.219.25:80 Source IP Connection State State TIME_WAIT TIME_WAIT Destination IP 53
More slides like this


Slide #54.

192.168.1.101 Source Port 49888 49890 Destination Port 198.133.219.25 80 80 80 172.16.5.5 Source Port 49888 www.cisco.com What makes each connection unique? How does the server know which source port 49888 is who?  Connection defined by the pair of numbers:  Source IP address, Source port (From Client to Server)  Destination IP address, Destination port (From Server to Client)  Different connections can use the same destination port on server 54 host as long as the source ports or source IPs are different.
More slides like this


Slide #55.

Sockets 192.168.1.101 Source Port 49888 Destination Port 198.133.219.25 80 www.cisco.com  Combining the transport layer port number and the network layer IP address uniquely identifies a particular application process running on an individual host device.  This combination is called a socket.  A socket pair, consisting of the source and destination IP addresses and port numbers, is also unique and identifies the specific conversation between the two hosts. 55
More slides like this


Slide #56.

Socket Port Number Example 192.168.1.101 Source Port 49888 Destination Port 198.133.219.25 80 www.cisco.com  A client socket might look like this, representing the source IP address and source port number:  192.168.1.101:49888  The socket on a web server might be, representing the destination IP address and destination port number:  192.133.219.25:80  Together, these two sockets combine to form a socket pair:  192.168.1.101:49888, 192.133.219.25:80 56
More slides like this


Slide #57.

TCP or UDP Connection State Source IP Destination IP Source Port Destination Port www.google.com www.cisco.com netstat –n  Note: When downloading a web document and its objects it is common that there will be several TCP sessions created. 57
More slides like this


Slide #58.

Client Requesting a Webpage 58
More slides like this


Slide #59.

Server Replying to the Client 59
More slides like this


Slide #60.

Socket Port Number Example So who makes sure that applications are assigned a specific port number? 60
More slides like this


Slide #61.

Port Numbers  The Internet Assigned Numbers Authority (IANA) assigns port numbers.  The IANA is a standards body that is responsible is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources  Port numbers range from 0 to 65535 (16 bits).  There are three categories of port numbers:  Well Known Ports (0 – 1023)  Registered Ports (1024 – 49151)  Private and/or Dynamic Ports (49152 – 65535) 61
More slides like this


Slide #62.

Well Known or Registered Port Number  Well Known Ports (Numbers 0 to 1023)  Reserved for common services and applications  Client: TCP destination port  Server: TCP source port Well Known or Registered Port Number 62
More slides like this


Slide #63.

Well Known or Registered Port Number  Registered Ports (Numbers 1024 to 49151)  Assigned to user processes or applications.  Non-common applications.  Client: TCP destination port  Server: TCP source port  May also be used as dynamic or private port (next). Well Known or Registered Port Number 63
More slides like this


Slide #64.

Private/Dynamic Port Number Well Known or Registered Port Number Well Known or Registered Port Number Private/Dynamic Port Number  Dynamic or Private Ports (Numbers 49152 to 65535)  Also known as Ephemeral Ports  Usually assigned dynamically to client applications when initiating a connection.  Client: TCP source port  Server: TCP destination port  May also include the range of Registered Ports (Numbers 1024 to 49151) 64
More slides like this


Slide #65.

Transport Layer Port Numbers          Hypertext Transfer Protocol (HTTP) - TCP Port 80 HTTP Secure (HTTPs) - TCP Port 443 Simple Mail Transfer Protocol (SMTP) - TCP Port 25 Post Office Protocol (POP) - TCP Port 110 Telnet - TCP Port 23 File Transfer Protocol (FTP) - TCP Ports 20 & 21 Trivial FTP (TFTP) - UDP 69 Domain Name System (DNS) - TCP/UDP Port 53 Dynamic Host Configuration Protocol - UDP Port 67 & 68 http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers 65
More slides like this


Slide #66.

TCP/IP Application Layer Protocols Application Layer Transport Layer Internet Layer Network Access Layer FTP HTTP SMTP Telnet TFTP SNMP DHCP DNS 20 & 21 80 25 23 69 161 67 & 68 53 TCP UDP IP LAN / WAN 66
More slides like this


Slide #67.

Which Connections Are Open on a Host? Apples-MacBook-Pro:~ rigrazia$ netstat Active Internet connections Proto Recv-Q Send-Q Local Address tcp4 0 0 10.0.0.108.54500 tcp4 0 0 10.0.0.108.54485 tcp6 0 0 2601:9:6800:1e6:.54455 tcp6 0 0 2601:9:6800:1e6:.54419 tcp6 0 0 2601:9:6800:1e6:.54400 tcp4 0 0 10.0.0.108.54385 tcp4 0 0 10.0.0.108.54368 tcp6 0 0 2601:9:6800:1e6:.54297 tcp4 0 0 10.0.0.108.53964 tcp4 0 0 10.0.0.108.53939 tcp4 0 0 10.0.0.108.53913 tcp4 0 0 10.0.0.108.53836 tcp4 0 0 localhost.49961 tcp4 0 0 localhost.53264 tcp4 0 0 localhost.49961 tcp4 0 0 localhost.53263 tcp4 0 0 10.0.0.108.52960 tcp4 0 0 10.0.0.108.50737 tcp4 0 0 10.0.0.108.62510 tcp4 0 0 10.0.0.108.62508 Foreign Address a184-51-102-51.d.http g1.v.fwmrm.net.http nuq05s01-in-x11..https edge-star6-shv-0.https 2001:559:0:54::6.https a184-51-102-42.d.http a184-84-222-181..macro nuq05s02-in-x01..https valiente.cabrill.ssh valiente.cabrill.ssh gw094.lphbs.com.http 68.71.212.186.http localhost.53264 localhost.49961 localhost.53263 localhost.49961 channelproxy-shv.https boris.cabrillo.e.imaps boris.cabrillo.e.imaps boris.cabrillo.e.imaps (state) ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED CLOSE_WAIT ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED  Sometimes it is necessary to know which active TCP connections are open and running on a networked host.  Netstat is a network utility that can be used to verify those connections.  It lists the protocol in use, the local address and port number, the foreign address and port number, and the state of the connection. 67
More slides like this


Slide #68.

Netstat Apples-MacBook-Pro:~ rigrazia$ netstat Active Internet connections Proto Recv-Q Send-Q Local Address tcp4 0 0 10.0.0.108.54500 tcp4 0 0 10.0.0.108.54485 tcp6 0 0 2601:9:6800:1e6:.54455 tcp6 0 0 2601:9:6800:1e6:.54419 tcp6 0 0 2601:9:6800:1e6:.54400 tcp4 0 0 10.0.0.108.54385 tcp4 0 0 10.0.0.108.54368 tcp6 0 0 2601:9:6800:1e6:.54297 Foreign Address a184-51-102-51.d.http g1.v.fwmrm.net.http nuq05s01-in-x11..https edge-star6-shv-0.https 2001:559:0:54::6.https a184-51-102-42.d.http a184-84-222-181..macro nuq05s02-in-x01..https (state) ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED CLOSE_WAIT ESTABLISHED ESTABLISHED  Unexplained TCP connections can pose a major security threat.  This is because they can indicate that something or someone is connected to the local host.  Additionally, unnecessary TCP connections can consume valuable system resources thus slowing down the host's performance.  Netstat can be used to examine the open connections on a host when performance appears to be compromised.  Netstat Security Podcast  TCPView 68
More slides like this


Slide #69.

C:\Users\Admin> netstat /? Displays protocol statistics and current TCP/IP network connections. NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-t] [interval] -a -b -e -f -n -o -p proto -r -s -t interval C:\Users\Admin> Displays all connections and listening ports. Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions. Displays Ethernet statistics. This may be combined with the -s option. Displays Fully Qualified Domain Names (FQDN) for foreign addresses. Displays addresses and port numbers in numerical form. Displays the owning process ID associated with each connection. Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s option to display per-protocol statistics, proto may be any of: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6. Displays the routing table. Displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be used to specify a subset of the default. Displays the current connection offload state. Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to stop redisplaying statistics. If omitted, netstat will print the current configuration information once. 69
More slides like this


Slide #70.

C:\Users\Admin>netstat Active Connections Proto TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP Local Address 127.0.0.1:5354 127.0.0.1:5354 127.0.0.1:19872 127.0.0.1:27015 127.0.0.1:49155 127.0.0.1:49156 127.0.0.1:49168 127.0.0.1:49172 192.168.1.116:2869 192.168.1.116:49826 192.168.1.116:49828 192.168.1.116:49950 192.168.1.116:50010 192.168.1.116:50011 192.168.1.116:50012 192.168.1.116:50013 [::1]:49772 [::1]:49774 Foreign Address Admin-PC:49155 Admin-PC:49156 Admin-PC:49172 Admin-PC:49168 Admin-PC:5354 Admin-PC:5354 Admin-PC:27015 Admin-PC:19872 Home-Net:42808 www.cisco.com:http 17.172.232.124:5223 17.158.10.21:https ec2-204-236-229-250:http ec2-204-236-229-250:http ec2-204-236-229-250:http ec2-204-236-229-250:http Admin-PC:49774 Admin-PC:49772 State ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED TIME_WAIT ESTABLISHED ESTABLISHED CLOSE_WAIT TIME_WAIT TIME_WAIT ESTABLISHED TIME_WAIT ESTABLISHED ESTABLISHED C:\Users\Admin> 70
More slides like this


Slide #71.

CIS 81 Fundamentals of Networking Chapter 7: Transport Layer Part 1 of 2 CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College [email protected] Fall 2013
More slides like this