Network Essentials Chapter 9

In the networking world any single communication btw computer and another computer

Is how TCP/IP does connection-oriented communication. TCP is by far the most common type of session on a typical TCP/IP network. Used because connection-oriented sessions are designed to check for errors. If a receiving computer detects a missing packet, it just asks for a repeat as needed.

Synchronize acknowledge finish reset

Runs a distant second place to TCP in terms of the number of applications that use it, but don't let that make you think UDP is not important. UDP is perfect for the types of sessions that don't require the overhead of all that connection-oriented stuff. Best example of an application that uses UDP is Dynamic Host Configuration Protocol (DHCP) can't assume there's another pc ready on either side of the session, so each step of a DHCP session just sends the info for that step wo any confirmation

Ex of a protocol with which you can transfer files from one machine to another. But TFTP using UDP doesn't have any data protection so you would never use TFTP btw computers across the internet. TFTP is popular for moving files btw computers on the same LAN, where the chances of losing packets is very small.

The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol Suite. It is chiefly used by networked computers' operating systems to send error messages—indicating, for instance, that a requested service is not available or that a host or router could not be reached. ICMP^[1] relies on IP to perform its tasks, and it is an integral part of IP. It differs in purpose from transport protocols such as TCP and UDP in that it is typically not used to send and receive data between end systems. It is usually not used directly by user network applications, with some notable exceptions being the ping tool and traceroute. ICMP for Internet Protocol version 4 (IPv4) is also known as ICMPv4. IPv6 has a similar protocol, ICMPv6.

IGMP is the glue that routers use to communicate with hosts to determine a group membership.The Internet Group Management Protocol (IGMP) is a communications protocol used to manage the membership of Internet Protocol multicast groups. IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships. It is an integral part of the IP multicast specification, operating above the network layer, though it does not actually act as a transport protocol.^[1] It is analogous to ICMP for unicast connections. IGMP can be used for online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications. IGMP is vulnerable to some attacks^[2][3][4][5], and firewalls commonly allow the user to disable it if not needed. IGMP is only needed for IPv4 networks, as multicast is handled differently in IPv6 networks.

In computer networking, network address translation (NAT) is the process of modifying network address information in datagram (IP) packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another. Most often today, NAT is used in conjunction with network masquerading (or IP masquerading) which is a technique that hides an entire address space, usually consisting of private network addresses (RFC 1918), behind a single IP address in another, often public address space. This mechanism is implemented in a routing device that uses stateful translation tables to map the "hidden" addresses into a single address and then rewrites the outgoing Internet Protocol (IP) packets on exit so that they appear to originate from the router. In the reverse communications path, responses are mapped back to the originating IP address using the rules ("state") stored in the translation tables. The translation table rules established in this fashion are flushed after a short period without new traffic refreshing their state. As described, the method enables communication through the router only when the conversation originates in the masqueraded network, since this establishes the translation tables. For example, a web browser in the masqueraded network can browse a website outside, but a web browser outside could not browse a web site in the masqueraded network. However, most NAT devices today allow the network administrator to configure translation table entries for permanent use. This feature is often referred to as "static NAT" or port forwarding and allows traffic originating in the 'outside' network to reach designated hosts in the masqueraded network. Because of the popularity of this technique (see below), the term NAT has become virtually synonymous with the method of IP masquerading. Network address translation has serious consequences (Drawbacks, Benefits) on the quality of Internet connectivity and requires careful attention to the details of its implementation. As a result, many methods have been devised to alleviate the issues encountered. See article on NAT traversal.

A 16-bit value btw 0 and 65,535. Web servers use port no 80. Port nos 0-1023 are called well-known port numbers and are reserved for specific TCP/IP applications. Web client's source port number is generated pseudo-randomly by the Web client computer. This value varies by os, but generally falls w/in the values 1024-5000 - the port numbers classically assigned as ephemeral port numbers and 49152-65535 the dynamic or private port numbers.

Recommends using only ports 49152-65535 as ephemeral port numbers.

An ephemeral (short-lived) port is a transport protocol port for Internet Protocol (IP) communications allocated automatically from a predefined range by the TCP/IP stack software. It is typically used by the Transmission Control Protocol (TCP), User Datagram Protocol (UDP), or the Stream Control Transmission Protocol (SCTP) as port for the client end of a client-server communication when the application doesn't bind the socket to a specific port number, or by a server application to free up a service's well-known listening port and establish a service connection to the client host. The allocations are temporary and only valid for the duration of the connection. After completion of the communication session the ports become available for reuse, although most implementations simply increment the last used port number until the ephemeral port range is exhausted. The IANA suggests 49152 to 65535 as "dynamic and/or private ports."^[1] The Berkeley Software Distribution (BSD) uses ports 1024 through 4999 as ephemeral ports, though it is often desirable to increase this allocation. Many Linux kernels use 32768 to 61000. The file system path /proc/sys/net/ipv4/ip_local_port_range contains the range in use. Microsoft Windows operating systems through Server 2003 use the range 1025 to 5000 as ephemeral ports.^[2] Windows Vista and Server 2008 use the IANA range.^[3] FreeBSD uses the IANA port range since release 4.6.

The port numbers from 1024 to 49151 are called registered ports. Less-common TCP/IP apps can register their ports with the IANA

0-1023

1024-49151

49152-65535