Week 6 - Verifying Connectivity*

Question 1

What does ICMP stand for?

Answer 1

Internet Control Message Protocol

Question 2

How is ICMP mainly used? What uses it?

Answer 2

ICMP is mainly used by a router or remote host to communicate why the transmission failed back to the origin of the message

Question 3

How many sections does an ICMP packet contain?

Answer 3

5 sections

Question 4

What are the sections of a ICMP packet?

Answer 4

1. Type (of message)
2. Code (details, different codes)
3. Checksum
4. Rest of Header (optionally used by Type and Code field)
5. Data Payload (contains entire IP header, first 8 bytes of error packet)

Question 5

What is ping? What type of message is it?

Answer 5

Ping is a command in a program that sends out an ICMP echo request to a destination that asks if it’s there.

Question 6

What is an echo request?

Answer 6

An Echo request asks the destination if it’s there, able to communicate

Question 7

In what OS are you able to use ping?

Answer 7

All major OS

Question 8

How do you ping something?

Answer 8

Type ping command to an IP address or domain name

Question 9

What are some command line flags you can use to control Ping’s behavior?

Answer 9

The size of the ICMP request, the number sent, and how quickly

Question 10

How do you interrupt a ping command event on macOS and Linux?

Answer 10

Control + C

Windows by default gives you 4 ICMP echo replies

Question 11

What is an ICMP echo reply?

Answer 11

The destination, if functioning and able to communicate, sends a reply

Question 12

What is a useful utility to help you determine where in a long chain of router hops the problems are?

Answer 12

Traceroute

Question 13

What is traceroute?

Answer 13

Traceroute is a utility that allows us to track the path/hops between 2 nodes to identify bottlenecks and problems in the network

Question 14

What are 2 tools similar to traceroute? What OS do they work on?

Answer 14

mtr - Linux, MacOS
pathping - Windows

Question 15

Describe the 2 tools similar to traceroute’s functions

Answer 15

mtr - works in real time, continuous updates on output
pathping - runs for 50 seconds, displays final data at once

Question 16

What’s the utility command to enable following the path of a packet from node to node on each OS?

Answer 16

Linux: traceroute
MacOS: traceroute
Windows: tracert

Question 17

Describe the way traceroute manipulates TTL field on the IP level

Answer 17

traceroute manipulates TTL by duplicating each packet by 3 and assigning each packet a TTL that corresponds with the packet number

There will be a time-exceeded message at each router hop since TTL is short

Question 18

What information is displayed with traceroute? 4

Answer 18

1. number of the hop
2. roundtrip time for all 3 packets
3. IP of the device at each hop
4. hostname if traceroute can resolve one

Question 19

What’s included in a ping’s output? 4

Answer 19

1. address sending the ICMP echo reply’
2. how long it took for a roundtrip
3. TTL
4. how big the message is in bytes

Question 20

What are 2 powerful Transport Layer utilities?

Answer 20

1. netcat
2. Test-NetConnection

Question 21

What’s the difference between the 2 powerful Transport Layer tools in terms of OS?

Answer 21

netcat - Linux, MacOS
Test-NetConnection - Windows

Question 22

What is the command for netcat?

Answer 22

nc

Question 23

What are the 2 parts to netcat?

Answer 23

nc host and nc port

Question 24

What’s the command if you’re only curious about a port status using netcat?

Answer 24

nc -z -v google.com 80

Question 25

How do you initiate the netcat command for verbose? What does verbose do?

Answer 25

-v verbose makes the output friendly for humans to read

Question 26

What's the command on Windows to test a connection?

Answer 26

Test-NetConnection

Question 27

How do you test a port connection on Windows?

Answer 27

Test-NetConnection -port (#)

Question 28

What type of request does Test-NetConnection send by default when only typing the host name (domain)?

Answer 28

ICMP echo request (like ping but with more data) also displays what data link layer protocol is being used

Question 29

The protocol used to communicate network errors is known as?

Answer 29

ICMP Internet Control Message Protocol

Question 30

By default, the ping utility sends what type of message?

Answer 30

Echo request

Question 31

On which operating system does traceroute send UDP packets to very high port number?

Answer 31

Linux/Mac OS

Question 32

What is the name resolution tool that displays what server was used to perform the request and the name resolution result?

Answer 32

nslookup

Question 33

what OS is nslookup available on?

Answer 33

all 3 of them

Question 34

how do you start interactive mode for nslookup?

Answer 34

enter nslookup without a host name until angle bracket appears

Question 35

What tool would you use to find the IP address for a domain?

Answer 35

nslookup nslookup twitter.com -> A record is returned

Question 36

what happens if you type server (address) in nslookup interactive mode?

Answer 36

all the name resolution queries will try to be made using THAT server instead of default name server

Question 37

what's the command to return different resource records for a name resolution query?

Answer 37

set type=(resource record type) in nslookup interactive mode

Question 38

What command displays the full response packets including any intermediary requests for the transport layer?

Answer 38

set debug

Question 39

What protocol layer is nslookup?

Answer 39

Transport layer

Question 40

What protocol layer is ping?

Answer 40

Internet layer