Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Networking Protocols

11K

Solutions

16K

Contributors

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.

Share tech news, updates, or what's on your mind.

Sign up to Post

Please help me understand about ARP.
I know the local ARP table is cached and records also can be manually added. But how come when I ping a remote IP it doesn't automatically create a corresponding ARP table record?
0
Concerto's Cloud Advisory Services
LVL 4
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Hello ,

I have 2 questions about timestamp ;

1. I have try to convert time stamp value to normal time but it was returned anormal dates :) what is the format of this TS val ?
2. As far as i read on the http://www.networksorcery.com/enp/protocol/tcp/option008.htm 


This field is only valid if the ACK bit is set in the TCP header.


but nearly all SYN packets in normal traffic not a DDOS has TSval  while ack was not sScreen-Shot-2017-08-27-at-18.05.41.pnget
0
Hi Sir,

Would like to ask for your help about the problem listed below,

[Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xccb797a8) not found (maybe expired)

Hoping that you can help me resolve this matter.


Thank you in advance.
0
Is this a mistake or  am i  checking sth wrong , how should be a packet with missing checksum ?

0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 25 8b cb 00 00 fd 11 d7 aa 89 3c 5a 64 b9 b6  .%.........<Zd..
0020   bc fa fc 5d 69 87 00 11 00 00 ff ff ff ff 55 38  ...]i.........U8
0030   55 76 03 00 00 00 00 00 00 00 00 00              Uv..........

Open in new window


Screen-Shot-2017-08-13-at-17.28.06.png
0
Dear Team,

There is port already open between  Source -target servers.
i have tested the same using telnet command.

However while I am creating some Datasource in Application server, i am getting  the above error message.

Kindly let me know if there anything required  at OS/App servet/network side .

Kindly advice
=== ERR MESSAGE IS =========
>
<Aug 7, 2017 4:52:24 PM AST> <Warning> <Deployer> <BEA-149004> <Failures were detected while initiating activate task for application 'test'.>
<Aug 7, 2017 4:52:24 PM AST> <Warning> <Deployer> <BEA-149078> <Stack trace for message 149004
java.rmi.RemoteException: [Deployer:149150]An IOException occurred while reading input.; nested exception is:
        java.net.NoRouteToHostException: No route to host
        at weblogic.deploy.service.internal.transport.http.HTTPMessageSender.sendMessageToServerURL(HTTPMessageSender.java:343)
0
Screen-Shot-2017-08-06-at-11.30.59-A.png
on the topology above , I have R1 and R6 on AS 1, R5 on AS3 , R2,R3,R4 on AS2

I would like to have Routers on AS1 (R1 and R6) Not take route through AS3 to reach routers inside AS2, instead I want AS1 routers to go straight to AS2 through R1 using BGP Default Local Preference command on R1

you can see in the config below on R1 :
bgp default local-preference 600


Below is the BGP route configuration on R1, R6, R3. As you can see R6 is going through AS3 to reach routers in AS2 instead of going straight to AS2 through R1

If you need more info , please feel free to ask.


Thank you

R1#sh run | beg router bgp
 bgp default local-preference 600
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 2
 neighbor 192.168.16.6 remote-as 1

Open in new window


R6#sh run | beg router bgp
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.16.1 remote-as 1
 neighbor 192.168.56.5 remote-as 3

Open in new window


R5#sh run | beg router bgp
router bgp 3
 network 5.5.5.0 mask 255.255.255.0
 neighbor 192.168.35.3 remote-as 2
 neighbor 192.168.56.6 remote-as 1

Open in new window


R1# sh ip bgp
BGP table version is 13, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       0.0.0.0                  0         32768 i
* i2.2.2.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2             0             0 2 i
* i3.3.3.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2                           0 2 i
* i4.4.4.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2                           0 2 i
* i5.5.5.0/24       192.168.56.5             0    100      0 3 i
R1#

Open in new window


R6#sh ip bgp              
BGP table version is 6, local router ID is 192.168.56.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.0/24       192.168.16.1             0    600      0 i
* i2.2.2.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
* i3.3.3.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
* i4.4.4.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
*> 5.5.5.0/24       192.168.56.5             0             0 3 i

Open in new window



R5# sh ip bgp             
BGP table version is 10, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       192.168.56.6                           0 1 i
*> 2.2.2.0/24       192.168.35.3                           0 2 i
*> 3.3.3.0/24       192.168.35.3             0             0 2 i
*> 4.4.4.0/24       192.168.35.3                           0 2 i
*> 5.5.5.0/24       0.0.0.0                  0         32768 i
R5#

Open in new window

0
Need list of unencrypted protocols.

I know only port 80(HTTP) and 21(FTP)
0
bgp
on the topology above  I have R1 and R2 on AS12 and R3 on AS3

I am using Next-Hop-Self on R2 to tell R1 "in order to reach R3 come to me", but does not seem to work.

Here is the configuration  of BGP on each router.
R1#sh run | beg router bgp
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 12

Open in new window


R2#sh run | beg router bgp
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.12.1 remote-as 12
 neighbor 192.168.12.1 next-hop-self
 neighbor 192.168.23.3 remote-as 3
 neighbor 192.168.23.3 next-hop-self

Open in new window


R3#sh run | beg router bgp
router bgp 3
 no synchronization
 bgp log-neighbor-changes
 network 3.3.3.0 mask 255.255.255.0
 neighbor 192.168.23.2 remote-as 12

Open in new window


I cannot ping from R1 to R3 and vice-versa

If I advertize networks 192.168.12.0 and 192.168.23.0 From R2 then I will be able to ping from R1 to R3 and back

Any idea ?

Thanks
0
bgpon the topology above I configured Route-Reflector on R5 to get full reachability.
My Confusion is I have seen some examples where they configure Next-hop-self.
for instance this :https://www.youtube.com/watch?v=QMkJfnMNZm8

Any BGP expert out there to clarify when Route-Reflector should be used and when Next-hop-self should be used ? If I had used Next-hop-self in my scenario, will that work fine just as Route-reflector did ?

Thank you

======


R2,R5,R3 are on the same AS  (AS2), they are IBGP Routers
 R1 is in AS1 and R4 in AS3



R1#sh run | beg router bgp
router bgp 1
 network 1.1.1.0 mask 255.255.255.0
 network 192.168.12.0
 neighbor 192.168.12.2 remote-as 2

R2#sh run | beg router bgp
router bgp 2
 network 2.2.2.0 mask 255.255.255.0
 network 192.168.12.0
 network 192.168.25.0
 neighbor 192.168.12.1 remote-as 1
 neighbor 192.168.25.5 remote-as 2

R3#sh run | beg router bgp
router bgp 2
 network 3.3.3.0 mask 255.255.255.0
 network 192.168.34.0
 network 192.168.35.0
 neighbor 192.168.34.4 remote-as 3
 neighbor 192.168.35.5 remote-as 2

R4#sh run | beg router bgp
router bgp 3
 network 4.4.4.0 mask 255.255.255.0
 network 192.168.34.0
 neighbor 192.168.34.3 remote-as 2

R5#sh run | beg router bgp
router bgp 2
 no synchronization
 bgp log-neighbor-changes
 network 5.5.5.0 mask 255.255.255.0
 network 192.168.25.0
 network 192.168.35.0
 neighbor 192.168.25.2 remote-as 2
 neighbor 192.168.25.2 …
0
bgp

I have the topology above.
I configured BGP on R1:AS1  ,R2: AS2  and R4:AS2 ,R5:AS3 , I have also configured OSPF on R2,R4,R3
BGP is not configured on R3, just OSPF

Now when I  try to ping R5 from R2 or the R1 from R4 I get the UUUUU

Below is the configuration of all 5 Routers

R1#sh run
Building configuration...

Current configuration : 1385 bytes
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!         
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
! 
!
!
!         
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
 !
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex half
 !
!
interface Ethernet1/0
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/1
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/2
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/3
 no ip address
 shutdown
 duplex half
 !
!
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 2
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
!
!
!

Open in new window

0
Free Tool: Path Explorer
LVL 10
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

bgpI have the topology shown  above.  R1 and R5 are running BGP, R2  and R4 are  running BGP and OSPF , R3 is running just OSPF

I would like to know if I need to run BGP on R3 in addition to OSPF, or just redistribute BGP into OSPF and OSPF into BGP on R2 and R4


Thank you
Screen-Shot-2017-07-27-at-2.33.23-PM.png
1
I have a verizon wireless net extender for signal increase. The extander needs port tcp 53 allowed for this to work. I have included the below packettrace and it looks like it's passing through just fine but... the extender does not work. If I bypass the ASA, it works even though I did not configure any NAT or permit ACL's. I was assuming that since the device start the communication, that I dont need it. I also included a link to verizon about what config I need on ASA. How can I make this work>?

https://www.verizonwireless.com/support/knowledge-base-25525/

FW/pri/act# packet-tracer input inside tcp 10.255.8.20 1234 69.78.34.151 53 detailed
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
 Forward Flow based lookup yields rule:
 in  id=0x2aaadaf78770, priority=1, domain=permit, deny=false
        hits=2410723433, user_data=0x0, cs_id=0x0, l3_type=0x8
        src mac=0000.0000.0000, mask=0000.0000.0000
        dst mac=0000.0000.0000, mask=0100.0000.0000
        input_ifc=inside, output_ifc=any

Phase: 2
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
found next-hop ******* using egress ifc  outside

Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group inside_in in interface inside
access-list inside_in extended permit ip any4 any4 log disable
Additional Information:
 Forward Flow based lookup yields rule:
 in  id=0x2aaad7b2c010, priority=13, 

Open in new window

0
I need to redistribute two (of about 10) static routes into BGP.  My memory  of route-map configurations are a little fuzzy.... does this look right?

ip route 1.1.1.1 255.255.255.255 2.2.2.2 tag 100
ip route 1.1.1.2 255.255.255.255. 2.2.2.2 tag 101

Route-map Static_Routes permit 10
 match tag 100 101

router bgp 00000
 redistribute static route-map Static_Routes
0
bgp
On the  screenshot above R1 is in AS1 and R2 in AS 2
I advertised Loopback networks from both Routers, but cannot see it in each other router BGP table

R1#sh run
Building configuration...

Current configuration : 1519 bytes
!
! Last configuration change at 19:08:12 UTC Tue Jul 25 2017
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef    
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
! 
!         
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 !
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex half
 !
!
interface Ethernet1/0
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/1
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/2
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/3
 no ip address
 shutdown
 duplex half
 !
!
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 network 192.168.12.0
 neighbor 192.168.12.2 remote-as 2
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 2.2.2.2 255.255.255.255 192.168.12.2
!
no cdp log mismatch duplex
!
!
!
!
!
!

Open in new window

0
Hello

I dont understand why I would have this in my eigrp config. What is this filtering at this point? To me, this looks as not having any distribution list at all.

Router#
Router#sh run | sec eigr
router eigrp 2
 distribute-list prefix BLOCK-EIGRP-DEFAULT in
 network 10.0.0.0
 passive-interface default
 no passive-interface Tunnel0
 eigrp stub connected
Router#
Router#
Router#
Router#
Router#
Router#
Router#sh ip prefix-list BLOCK-EIGRP-DEFAULT
ip prefix-list BLOCK-EIGRP-DEFAULT: 2 entries
   seq 5 deny 0.0.0.0/0
   seq 10 permit 0.0.0.0/0 le 32
Router#

Open in new window

0
Is there any cisco switch which can take the full internet BGP table?
0
We just moved from WinINET to WinHTTP. The latter does not have an equivalent InternetCanonicalizeUrl function.

The WinHTTP docs say that WinHTTPOpenRequest does this automatically but there is nothing there that specifically addresses this.

According to this reference you can use WinHTTPCreateURL which uses a URL_COMPONENTS structure to define the various URL parts. In the latter the lpszExtraInfo property is where you put the ?param=xyz& ... part.

Here is my problem - one of the parameters in the paramter string needs to be canonicalized as it could contain non-URL friendly characters (Example &).

With the WinINET version we used InternetCanonicalizeUrl on the specific URL parts which were then appended to the URL string.

Example
If we have a URL now that looks like this
mydomain.com?param='Name & Surname','Description'

Open in new window

And we pass that to WinHTTPOpenRequest - it does not know that the & in Name & Surname is data and not a parameter separator.

Question:
How do we canonicalize individual parameters in the URL with WinHTTP
0
Hi,



Can anyone help in identifying why once my vpn client enabled. I can  ping all other internal IPs except 192.168.4.1(interface DatabaseZone)  and 192.168.3.1. My vpn client assigned 192.168.5.100 which is in  the range ov VpHi,



Can anyone help in identifying why once my vpn client enabled. Cant ping any of internal IPs configuration like 192.168.4.1(interface DatabaseZone) . My vpn client assigned 192.168.5.100 which is in  the range of Vpnclients object-group configuration.nclients object-group configuration.

here attached output from "show vpn-sessiondb detail remote"
vpn-sesssiondb-detail.txt
0
Wake-up on Lan over the internet???

Inside LAN environment Wake-up on LAN is working for my PC.
But i want to make Wake-up on Lan working over the internet, I don't have public ip address.
Is it possible? If yes let me know how??


OS: Windows 7 Ultimate 64 bit edition
Processor: Intel i3 3.5Ghz
RAM: 16GB
HDD: 1TB
0
Concerto Cloud for Software Providers & ISVs
LVL 4
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Which traffic will use the next hop in the PBR? The DENY traffic or PERMIT traffic under the ACL? I am pretty sure it means the PERMIT traffic will use the PBR but just want to double check


ip access-list extended PBR
 deny   ip 10.90.28.224 0.0.0.15 any
 deny   ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255
 permit ip 10.0.0.0 0.255.255.255 any


route-map PBR permit 10
 match ip address PBR
 set ip next-hop 10.255.14.1

Open in new window

0
We have Verizon FIOS triple play.  They supplied an actiontech modem router.  

The contract is ending and we are moving to Comcast internet only service.  Verizon wants just the TV boxes back - says I can keep the actiontech.

can we just plug in the coax from comcast into the actiontech and it'll work?  or is it set up / proprietary for Verizon service only?  (right now the actiontech is fed from the Verizon optical box with a cat 5 on the WAN port, but it has a coax connector also.)

Again, we're looking to use this for just the internet only service

Thanks!
0
I have cisco 3650 and 3560G connected one to one port as trunk. Ports are gig1/1/1 to g0/1

What is the recommended etherchannel configuration from port gig1/1/1, gig 1/1/2 to g0/1, g0/2?
0
We currently have a Dell Sonic Firewall that is our firewall as well as our company router.  This is our main router for all of our sites in the company.  We have 16.  We implemented through our EMR (Electronic Medical Records) software an upload to a billing company.  They in turn configure and print bills and send them out to our customers.  This has worked fine for over two years.  When this was implemented, we were not required to make any firewall changes at all.

A week ago, the user doing this procedure received an error that the file could not be uploaded.  She called the EMR company, who in their effort to troubleshoot the problem, changed the upload method from ftp to sftp.  She then tried to upload and she got an additional error that port 22 was unable to send.  Seeing that error, the EMR said that the problem has to do with our firewall.  I spoke with the billing company who tried to do a trace route to our external IP.  They were unsuccessful, but I was able to do a trace route to them.  The only caveat is that the user can do this procedure from home with no problem.

I am willing to make firewall changes if necessary, I just don't know what they would be or why it is necessary now, if no one has made any changes other than the upload method from ftp to sftp.

Please help.  I am desperate.
0
IS-IS router summarization can only be done on L1/L2 router is this correct.
There is now other place to do route summarization.
0
Hello all,

I have some Win 2012 3cx v15 phone systems and was having trouble with apple push notifications for calls to remote devices.  I've determined it to be a TLS issue.  I had used IIS Crypto to remove the less secure SSL 3.0, TLS 1.0 and 1.1, leaving just TLS 1.2 and more secure ciphers.  This breaks apple push notifications from the 3cx server/software.  I put back TLS 1.1, no luck.  Put back TLS 1.0, now push notifications work.  I find it odd that I should still need 1.0 enabled on the server.  

Is apple push still using that protocol and not 1.1 or 1.2, or might there be something else going on here.

I'm by no means familiar with protocols/ciphers, just determined what fixes the problem.
0

Networking Protocols

11K

Solutions

16K

Contributors

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.