Hello again people, today I'm here with the second blog entry for this chapter. There are a lot of pages left, but let's hope we can do this in three blog posts! Let's start.
The sheer power of TCP/IP can be understood by going into the port numbers. To pass the Network+ exam, it's essential to know how TCP/IP uses port numbers. Basically, port numbers are what make NAT work. Network Administrators should be able to manipulate port numbers to their network's needs. A port number is a 16-bit value between 0 and 65535, to give an example of a popular one, port 80 is used for HTML and other important web stuff. When a web client sends an HTTP ACK to request a web page, the IP packet will look like the figure on pg. 281 in which the destination port is 80. The web client's source port is generated by the web client randomly. The value varies between 1024-5000 which are port numbers that were classically ephemeral port numbers, while 49152-65535 are the dynamic/private ports. Then when the serving system responds to the web client, it uses the ephemeral port number as the destination port to receive info from the web client on the client computer.
Now, the port numbers from 1024-49151 are registered ports. Unlike well-known ports, anyone can use those port numbers for servers or ephemeral numbers on clients. Most operating systems won't use those ports, just the classic ephemeral ports, which are dynamic/private ports. Here's the list:
Well known port numbers: 0-1023
Registered ports: 1024-49151
Dynamic or private ports: 49152-65535
Every computer in a session has to keep the status of communication. In TCP/IP the session info is stored in the RAM, and it's called a "socket" or "endpoint". The session as we know is the connection itself. Here are the summary of terms:
- Terms for the connection data stored on a single computer: socket or endpoint
- terms for the connection data stored on two computer about the same connection: socket pairs or endpoints
- Terms for the whole interconnection - connection or session
When two computers communicate, they store info about the session so they know where to send and receive the data. All operating systems have "netstat" which is a utility to find the endpoint. It works on command line as "netstat -n" to see something like the figure on pg. 283, and you'll see many connections. One thing to note is that just cause a single application is open, that doesn't mean that it's automatically a single connection. The example on pg. 285 will show you what it looks like when you type that command. A single web page will need but one connection, although if it's complex it will need more. The Network+ test will have questions on netstat. The powerful netstat tool will be used a lot since it's important. Mike Meyers recommends getting TCPView, it's open source. It only works on Windows.
Then there's the connection status which changes all the time, and it's useful to have netstat and TCPView to see what's happening on the networked computers. A socket responds to any IP packets that's destined for it's respective port number, and it's called an "open port" or "listening port". Every serving applicatiosn will have an open port. If you happened to run a web server on a computer like my friend Marco, then you will need port 80 open. Start netstat and type "netstat -an" to see all the listening ports. It will give information like the figure on pg. 287. From that point most of the information is based on figures, so just look at that to learn more about listening ports and netstat. The only difficulty really, is identifying what certain connections do. You'll notice my entries are getting shorter. I'm covering more in a smaller amount of time. With that said thanks for reading and goodbye!
Completion Status: 43%
Pages Left:
- Book: 388 pages
- Chapter: 22 pages
No comments:
Post a Comment