Network Layer Proto Headers Flashcards
(30 cards)
helps translate IP addresses (32 bits) and MAC addresses (48 bits) so that they can understand each other; ipv4 is the most widely used;
works between Layer 2 and Layer 3;
ARP address resolution protocol
works at the data link layer, which establishes and terminates a connection between two physically connected devices so that data transfer can take place
MAC address
works at the network layer and is responsible for forwarding packets of data through different routers
IP address
1 is request; 2 is reply;
operation field in chart
ARP
“hardware address” means
MAC address
“protocol address” means
logical address/IP add
fake ARP messages are sent to a target a LAN with the intention of linking their MAC address with the IP address of a legitimate device or server within the network;
data from victims device can be sent to attackers computer instead of the intended device
ARP spoofing
**ARP Header length is _______ long
60 bytes
Length will always be 6 bytes long
Hardware length
When you send an ARP request it says hey i have this MAC address, and ARP is asking for an IP address, the system with that IP address then sends out an ARP reply claiming their IP address and providing their MAC address;
ARP ____ traffic, which means it compensates for those missing IP bits when translating between IP and MAC address
pads
number of hops a data packet takes thru the internet, or thru routers before it gets to its destination
TTL time to live
What is the purpose of the Header Checksum field?
checks for errors in the header
breaks up a single IPv4 packet into multiple smaller packets;
routers are often performing this
IP fragmentation
**3 bit field that declares if the packet is a part of a fragmented data frame or not
IP flags
**reserved, should always be 0; IPv4 evil bit
bit 0
0= May Fragment;
1=Don’t Fragment this packet
bit 1
0 = Last Fragment;
1 = More Fragments follow
bit 2
IPv6 does not support fragmentation if ipv6 packets & any needed fragmentation done to bits too big must be done by the ___;
if a source router receives a “packets too big message”, it sends MTU discovery packets back, and decreases the packet size, while increasing the number of packets sent; fragmentation was felt inefficient because if one packet gets lost the entire fragment is unusable
source node
IPv6 header is a fixed size of ___ bytes
40
field that tells you what kind of traffic it is
DSCP
field that you just set to zero
ECN
field that sends multiple fragmented packets
identification
**replaces the options field;
fixed size must be 64 bits, or 8 bytes long;
If we do not have enough bytes, we pad it & call it a variable size which contains a header extension length field and MUST BE PADDED
IPv6 headers that must be supported by all IPv6 machines:
Hop-by-Hop Options
Destination Options
Routing
Fragmentation
Authentication
Encapsulating Security Payload
IPv6 extension header
**same as TTL; Indicates maximum number of routers a packet is allowed to travel
hop limit