1.1.d Explain IP Operations Flash Cards

Here are all of the flash cards for 1.1.d Explain IP Operations!

If you don’t have or know what Anki is, it is my favorite , free flash card program:
https://apps.ankiweb.net/

Here is the Anki package you may import and start using the flash cards right away:
https://upw.io/u6/&1.1.d_Explain_IP_Operations.apkg

If you prefer the plain text flash cards, here they are:

What is the ICMP Type for Destination Unreachable?
Type 3

What is the ICMP Type for Redirect?
Type 5

Which types of devices send ICMP Destination Unreachables?
Hosts and Routers

Which types of devices send ICMP Redirects?
Only routers.

What is another name for an ICMP Type 3 Code 0?
An ICMP Type 3 Code 0 is a Destination Unreachable Net Unreachable message.

What is another name for an ICMP Type 3 Code 1?
ICMP Destination Unreachable Host Unreachable

What is another name for an ICMP Type 3 Code 2?
ICMP Destination Unreachable Protocol Unreachable

What is another name for an ICMP Type 3 Code 3?
ICMP Destination Unreachable Port Unreachable

What is another name for an ICMP Type 3 Code 4?
ICMP Destination Unreachable Fragmentation needed but don’t fragment was set

What is another name for an ICMP Type 3 Code 5?
ICMP Unreachable Source Route Failed

What is another name for an ICMP Type 5 Code 0?
ICMP Redirect – Redirect for network

What is another name for an ICMP Type 5 Code 1?
ICMP Redirect – redirect for host

When is an ICMP Type 3 Code 0 Net Unreachable sent?
A router generates an ICMP unreachable to inform the source host that the destination network is unreachable, meaning there’s no route for that network.

When is an ICMP Type 3 Code 1 – Host Unreachable sent?
The router is directly connected to the destination host but the destination host is not responding to ARP requests and thus cannot be reached for packet delivery.

When is an ICMP Type 3 Code 4 – Fragmentation needed but Don’t fragment was set message sent?
A router generates this ICMP unreachable when a packet needs to be fragmented, but the don’t fragment bit is set in the IP header.

When is an an ICMP Type 3 Code 5 – Source route failed message sent?
In this case the router was probably blocking the use of source routing a packet (good to block this because it’s a security flaw).
However it is also possible that the next hop of a strict source route is not reachable.

When is an ICMP Type 5 Code 0 – Redirect for Network message sent?
Only used for classful networks, disregard it

When is an ICMP Type 5 code 1 redirect for host message sent?
This message is sent from a router to a source host when the router receives a packet to a destination that has a next hop reachable on the same network the source sent from.  This message is usually a sign of bad design and is an inefficient traffic path. Once the host receives this packet he places a temporary host route in his route table for this so that subsequent packets to the destination network go the better path. These entries usually only last as long as the connection or flow does and thus happen often.

What is another name for an ICMP Type 5 Code 2?
ICMP redirect for ToS and Network

What is another name for an ICMP Type 5 Code 3?
ICMP Redirect for ToS and Host

When is an ICMP Type 5 Code 2 Redirect for ToS and Network message sent?
This message is sent out to redirect a  host to take a different path, for a classful network destination, however take into account the ToS in the IP header (must be configured for it)

When is an ICMP Type 5 Code 3 Redirect for ToS and host message sent?
This message is sent when a Router needs to redirect a host to take a different/better route to a host destination, but it takes the ToS of the IP header into account if QoS is configured for it.

Why are IPv4 Options in the header undesirable?
These types of packets cannot be CEF switched and must be punted to the CPU.

How big (in bytes) is the IPv4 header normally without any options set?
20 bytes

What is the maximum size (in bytes) an IPv4 header can be with options?
40 Bytes

In the IPv4 header, what is the version field for? What does it normally contain?
This is declaring the version of IP, which seems kind of silly because it is already declared in the Ethertype in the ethernet header. This option is always 4 for IPv4.

In the IPv4 header, what does IHL stand for? What is it used for? What are its min. and max. values?
IHL stands for Internet Header Length, it is the total size of the IPv4 header. The min is 20 Bytes with no options, the max is 40 Bytes, with options.

In the IPv4 header, what is the DSCP field?
This is the value carried in the IP header to indicate one of 46 options for QoS. This header is 8 bits.

In the IPv4 header, what is ECN?What is it used for?
This header is part of the DSCP header.The explicit congestion notification (ECN) bits are used to carry 4 possible options.1 for not ECN capable, 2 for ECN capable, and 1 for congestion encountered.  Hosts agree to ECN, then routers along the path may trigger the ECN bit via a QoS policy when congestion is noticed instead of dropping the packet.

In the IPv4 header, what is the total length field?
This field denotes the total size of this IP Packet (not eth headers)

In the IPv4 header, what is the identification field for?
This field is assigned a number to all fragments of an IP packet to keep track of it.
Such that if we had an IP packet fragmented into 4 packets, their identification field value would be the same.

In the IPv4 header, what are flags for? These specify whether we should NOT fragment the IP packet, or whether this packet is a fragment of an IP packet.

In the IPv4 header, what is the fragment offset field? This field is used to identify this fragment’s place in the IP packet.

In the IPv4 header, what is the time to live field? This option indicates how many times this packet has been routed. Each router decrements this once. (They can choose not to). It is also useful for preventing routing loops within a network because if a router receives a packet with a TTL of 1, it will drop it and send an ICMP time exceeded message to the source.

In the IPv4 header, what is the protocol field for ? The protocol field is for declaring the upper layer protocol that the IP packet is carrying, options here are things like TCP, UDP, ICMP, OSPF etc…

In the IPv4 header, what is the header checksum field? This field is a checksum of the whole IP packet HEADER. This field is recalculated of the packet is NAT’d by the router doing the NAT.

In the IPv4 header, what is the source address field? The source address field is the original source of THIS ip packet.

In the IPv4 header, what is the destination address field? This field is for the destination of THIS ip packet.

What is loose and strict source routing? Why is it a security risk? Both of these are IPv4 options.

Loose source routing is when we specify one or more intermediate routers our packet should go through to reach the final destination.
Strict source routing is the exact path our packet should take to reach the final destination.
Both are recommended to be blocked because they provide malicious users the ability to determine how their packets move through our network instead of following our policies.

In the IPv6 header, what is the version? In the IPv6 header the version is set to 6.

In the IPv6 header, what is the traffic class field? This field is similar to the ToS/DSCP field in the IPv4 header, it’s used to tell us about the QoS markings on a packet. We also keep our ECN bits in here.

In the IPv6 header do we still have explicitly congestion notification? Yes, it is in the Traffic class field, it keeps the same functionality.
In the IPv6 header, what is the flow label? This is a field used to provide routers a hash of a packet flow such that they can guarantee packets won’t be sent out of order (this has no implementations yet as far as I know)

In the IPv6 header, what is the payload length? The payload length tells us the total size of the IPv6 packet along with the IPv6 header.

In the IPv6 header, what is the next header? This field tells us the next protocol header after the IPv6 one (tcp, udp, icmpv6, etc…) It is also possible that this header tells us the next extension header if we were using those.

In the IPv6 header, what is the hop limit? The hop limit is the same as the TTL field in IPv4, it protects us from routing loops, once a router receives an IPv6 packet with a hop limit of 1, it decrements it to 0 and generates a time exceeded message, then sends it back to the source.
What are the 2 main differences between the IPv4 and v6 headers? The IPv6 header is bigger (default of 40 bytes) as compared to the IPv4 header. However the IPv6 header is also more simple, featuring less fields.

What do IPv6 routers do with packets that are too large? IPv6 routers CANNOT fragment a packet, they may only send an ICMP6 Type 2 code 0 Packet Too Big  to the source to let them know the next hop MTU.

Where is the fragmentation transfered to in IPv6? Now, only hosts can fragment packets.
In IPv4 and 6, name 3 solutions for avoiding fragmentation.
1. Lower send and receive MTU

2. clamp MSS
3. use PMTUD (Don’t filter ICMP Type 3 Code 4 or ICMPv6 PTB)

On a cisco router what command would you use to clamp the TCP MSS to 1350? ip tcp adjust-mss 1350

In IPv4, what is the minimum MTU possible? 576 Bytes

In IPv6, what is the minimum MTU possible? 1280 bytes

When discussing IP MTU what do we include? We include calculations from the IP header and payload above. We do NOT include ethernet headers in the IP MTU.

What is the default IP MTU today? 1500 Bytes

How would you verify max MTU on a Catalyst switch? show system mtu

On a Catalyst L3 switch, how would we change the Ethernet MTU for 10,100,1000,10000 Mbps interfaces? List both commands. system mtu jumbo 9198 (for 1Gbps and 10Gbps)

system mtu 1998 (for 10,100 Mbps)

How can you check the individual IP and ethernet MTU on a interface? List both commands.
sh ip int for IP MTU

sh int for ethernet MTU

On a layer 3 interface how can you change the IP MTU?
ip mtu

What is true about the relationship between IP and ethernet MTU? The IP MTU cannot be higher than the ethernet MTU because it is dependent upon it.
“What does the command “”system mtu routing 9000″” do?” Changes the IP MTU on L3 interfaces such that it can now route, and send IP packets as big as 9000 Bytes (not including the ethernet headers).

What command can you use to disable source routing on a L3 interface? no ip source-route

In IPv4 options, what are the 3 main fields and their purpose? “Copy field: tells us if the packet is “”datagram & control info”” or “”debugging and management info””

Options class field: tells us what to do with options with IP fragments, “”copy into first fragment””, or “”copy to all fragments””
Numbers feild: Tells us the actual IP options we are using

In IPv4 options, what are the end of operation, and no operation options? These options are both used for badding to align the options fields to the IPv4 header, they serve no other purpose.

In IPv4 options, what is the record route option? This option records all the paths that the packet took to get to the destination, they are written by routers that forward the packets. This data is kept in the option field and not packet payload.

In IPv4 options, what is the router alert option? This option is for defining a special IP address of an intermediate router such that when the packet gets to that router, and he says this option with his IP, he can be configured to act upon the value.

In IPv4 options, what are security options? These options are for military applications and are for denoting the secret level of an IP packet, never used.

In IPv4 options, what is the timestamp? This option is edited by every intermediate router that gets the packet, they record the time they received it.

In IPv6 extension headers, what is the IPv6 hop by hop header, why is it special and what’s its main use case? The hop by hop extension header is used to carry info that router’s MUST PROCESS, thus making it special, its main application is in multicast listener Discovery (MLD).

In IPv6 extension headers, what is the destination header? This header carries information for the packet’s destination. Cisco says this is mainly for IPv6 Mobility.

In IPv6 extension headers, what is the routing extension header? This header is similar to source routing header in IPv4. It has the same purpose.

In IPv6 extension headers, what is the fragmentation extension header? This header indicates that this IPv6 packet is part of a fragment from the source.

In IPv6 extension headers, what is the mobility extension header? This header is used to facilitate IPv6 for mobile devices within a mobile network.

In IPv6 extension headers, what is the authentication extension header? This header is the same as the IPSEC AH header, used for authentication and integrity but not encryption of the IPv6 packet.

In IPv6 extension headers, what is the ESP extension header? This IPv6 extension header is the same aas the IPSEC ESP header, used to identify the packet as being encrypted above.