Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear experts,

I have a Window 2012 R2 server running DNS, DHCP, and AD DS and a sonicwall firewall. For some reason that my DNS server is not working. When I look at my network connection from Window 7, I can see that IPv4 Default Gateway is, IPv4 DHCP server is on but IPv DNS server is on 68.x.x.x It is not pointing to my DNS which should be the same as the DHCP server ( I am not sure what went wrong as in if there is a mis-configuration in sonicwall firewall/router or the DNS server at

I can see my client PC is not talking to the local DNS server but instead on 68.x.x.x my ISP. Is there a way to configure in order to ensure my client PC will ask my local DNS first if no information can be found then forward to the DNS of my ISP and so forth?  I have set my TCP/IPv4 to Obtain an IP address automatically and Obtain DNS server address automatically. Is there a way to set obtain IP and DNS server automatically rather than set those to static?
Free Tool: IP Lookup
LVL 12
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Striggling with dhcp on linux.  
Need to know scope range, reservations, lease hours/days, % scope used, etc.

Here is what I have:   can can you take  apeek and help with commands?

# File managed by Chef

# set this to store vendor strings.
set vendor-string = option vendor-class-identifier;

allow booting;
allow bootp;
allow unknown-clients;
allow client-updates;

authoritative ;
ddns-domainname "";
ddns-update-style interim;
ddns-updates on;
default-lease-time 6400;
filename "pxelinux.0";
max-lease-time 86400;
next-server 10.x.x.x;
one-lease-per-client true;
ping-check true;
update-static-leases true;

option domain-name "";
option domain-name-servers 10.x.x.x,;
option domain-search "", "", "someothername";
option host-name  = binary-to-ascii (16, 8, "-", substring (hardware, 1, 6));

zone {
 primary 10.x.x.x;
 # uses name format could use IP address format
# zone {
#  primary serverhostname;
# }

include "/etc/dhcp/groups.d/list.conf";
include "/etc/dhcp/subnets.d/list.conf";
include "/etc/dhcp/hosts.d/list.conf";
~     …
We have a TCP/IP interface between a Millennium SPA POS system and Oracle Opera PMS system at our Hotel. There are a total of 8 interfaces and 7 of them have no issues. This specific one keeps disconnecting on the POS side. I have a packet capture that shows all traffic over the specified port and it looks like every 15 minutes exactly the interface disconnects.  On the POS side, we get an error message a pop up that must be clicked. Once you click ok on the pop up, the systems immediately automatically reconnect with out issue. As far as i can tell there is zero traffic unless someone is actually sending a transaction across. There is absolutely no keep alive being sent as far as i can tell.

I have attached a packet capture here.

I have not dealt with these serial/ip interfaces very often and dont really know what i am looking for in the packet capture. But it does look like the PMS system is sending a RST packet which from what i am reading terminates the connection.  Can anyone confirm this is what is going on based on the attached packet capture? I appreciate any assistance here. We have been battling this for 2 weeks now and both sides vendors are telling us it is the other sides problem.

Cloud based application having issues with ldaps bind to our Domain Controller in DMZ.
The application vendor is seeing the follwoing log entries on their side:
           [7:Public User][1024:application notice][R] (:) - Unable to bind to the LDAP server.

Based on this they have taken a wireshark capture and seen the following sequence of packets:-
Source -> destination (DC)   TCP    49662->636 [ACK] Seq=805 Ack=12910
Source -> destination (DC)   TLSv1  Application data
Source -> destination (DC)   TLSv1  Encrypted Alert
Source -> destination (DC)   TCP    49662->636 [FIN, ACK] Seq=927 Ack=12910
destination (DC) -> Source   TCP    636->49662 [ACK] Seq=12910 Ack=928
destination (DC) -> Source   TCP    636->49662 [RST,ACK] Seq=12910 Ack=928

They are saying that the reason packet analyser highlights the [RST, ACT] packets in red is because after the connection closure by Cloud Application server (source) [FIN, ACK] , server is expecting a final [FIN, ACK] from Domain Controller  (destination) but [RST, ACK] arrives instead. And thus they believe that it could be a issue with the Domain Controller.

Is this claim correct?
What can we do to troubleshoot this further?
I can see in a packet X-Forwarded-For info such that I can see the original source
address of the packet sent to the front end of my load balancer. Now if I am using
wireshark and I only wanted to see packets with a specific x-forwarded-for value,
how could I do that?
Windows 10 Pro machine with a USB 4G card changes the TCP/IP v4 settings to a blank IP address when connecting to the mobile network. If I change this back to dhcp as soon as I connect again it reverts back. This is the second machine I have had this problem on and cannot find a solution.
We need to get Speed and Duplex of networked machine via CMD or powershell.   Is there a way to do this, and to get the information, without looking at the switch?
When I go to the website and type in the email domain name of my organization the SPF & DKIM results pass but for the DMARC test I receive a message that says "Thank you for getting started with DMARC. You are currently at the lowest level and receiving reports, which is a great starting point. Please make sure to review the reports, make the appropriate adjustments, and move to either quarantine or reject soon. Additional information about reporting tools can be found here" (see the second screenshot below).

When I click on here I am taken to this website

What values do I need to change or what settings do I need to change within my external DNS server records so that I will pass the DMARC test for this website?

I currently have this TXT record setup within my public DNS records for DMARC:      3600      IN      TXT      "v=DMARC1; p=none;;"

PLEASE NOTE: The actual domain name has been replaced with the word domain above and has been whited out in the screenshot for privacy purposes.

Domain results
What is the correct Time to Live (TTL) value that an email domain's MX record should be set to?
I am receiving intermittent issues on a client server. After a while, users cannot access the internet or internal servers. Unfortunately, I am not on site and only have access to the logs as we need to restart the server before I can get there to minimise down time for all users.

Once the server is restarted, all users can access the internet/internal servers/share drives etc.

This has only come up over the couple of months randomly. Previously the DNS servers on the server had another IP which is the virtual server NIC (nic 2) and the TCP/IP V4 DNS had The 169.x.x.x has been removed and the has been changed to

Would really appreciate what else I should be looking at as this has me stumped. Are there any ports on the firewall that need to explicitly be open?

The errors at the times of the issue commencing is Netlogon error 5774 entries. I have copied one below however have slightly changed the DNS record of the internal domain name. The IP Address is the Server 2012 R2 DC. It is the only one on the network.

The dynamic registration of the DNS record 'DomainDnsZones.DOMAINNAME.local. 600 IN A' failed on the following DNS server:  

DNS server IP address:
Returned Response Code (RCODE): 0
Returned Status Code: 10054  

For computers and users to locate this domain controller, this record must be registered in DNS.  

Determine what might have caused this failure, …
Train for your Pen Testing Engineer Certification
LVL 12
Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

Dear experts,

I came across a situation where I wish to create two subnets as in and

The will be my main network which will contains most of the PCs, printers, etc....

The will be my wifi network which all wireless connections such as phones, scanners, etc...

Here is the situation:

1. only have 1 switch with 48 ports (can be configured)
2. one sonicwall firewall  4 ports in back(can be configured)
3. allow the two networks to talk to one another as in if I have a PC in 192.168.1.x and wish to access a wifi device in 192.168.2.x

Here are the things that I wish to get answered and accomplished:
1. I wish to know what will be the "BEST and SIMPLE" configuration to accomplish this task. Thanks!
2. Is it possible to connect all devices into a single switch (the 48 port switch) and have combination of networks like 192.168.1.x and 192.168.2.x together without utilizing the VLAN?
I want an Button to form that will display my computer's IP address,, how can I do this? Thanks in advance.
I have an VPN trough 2 sites. but i can´t configure the printers through IP.

I open the cmd and ping the IP correctly... but when i try to configure a printer of the other site with the IP, it doen`t work.

For instance:

i can ping a printer in but i can't install this printer on a server 2016 via this IP.

Any tips?
Are other ISPs besides Comcast able to use Comcast's DNS server addresses of &

An organization I am working for has switched over to using Comcast fiber optics as its primary internet service provider (ISP). We also have a second internet service provider (Etheric Networks ( which provides satellite dish based internet services.

Our internet service is set up in a failover configuration using a SonicWALL TZ600 router so that if our primary Comcast fiber optic internet service fails then our internet service will automatically switch over to Etheric until the Comast fiber optic service is restored.

We would like to continue to use the static external DNS server addresses of and in place if our internet service ever switches over to Etheric should the Comcast fiber optic internet service become unavailable.

Our question is if our internet service switches over to using the Etheric internet service will the external IP DNS server addresses of and still be valid and provide timely DNS name resolution?

Or is there a different type of method we should be using to handle our internet service and DNS name resolution switch over?
I need a script that can disable IPV6 remotely, the powershell script I had did not work. The reason being is because when I remote into a machine for some reason opening the network settings as admin does not work. :(
I was reading as below

TCP - is a transport layer protocol. It works over an IP network
HTTP - is an application protocol. It works using TCP on an IP network

i was not clear. Does HTTP also uses HTTP
what other protocols there in networking.

nay good link, resources or free video tutorial to understand clearly these things?
please advise
I inherited a Class B network years ago and am just now wanting to do a major overhaul.  Currently the LAN network is  It is currently just a flat network with servers and clients dispersed throughout.  I want to segment the network into the following categories: Servers (25ea now), Workstations (100ea now), Printers (30ea now), Utility devices (20ea now).  All of our wireless clients are connected on the outside of the firewall and are outside the scope of this question.  Our firewall is a WatchGuard device.

Should I rework the ip address scheme?  If so, can someone layout an example of what I should do?

Need to know about vpn services,vpn name and there related circuit id function?
Ethernet and T1 service-
How they are related to CLLI?
Is there any link between switch and service wire center CLLI?
What are LATA? How it used in modern communication?
Get your problem seen by more experts
LVL 12
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

I have a kernel module, in which :

It changes the saddr field of outgoing packets and fixes it back(daddr) in incomming packets ...
I'm calculating new checksum for ip and tcp headers ...
So in client side I change ip - server side receives it(SYN packet) and sends (SYN-ACK) packet - but client side - sends (Reset) packets and trying again to process tcp handshake ...

I've seen to another kernel-module examples - dnat/snat - my code is analogical ? My be ebtables make my hooks to work incorrect ?

Interfaces: eth0 - XXX.XXX.XXX.1 eth0:0(alias) - XXX.XXX.XXX.2
Client (original ip XX.XX.XX.1(eth0) and XX.XX.XX.2(eth0:0))
                                                               SERVER (ip YY.YY.YY.YY)

     USER-SPACE app creates tcp-socket and connects to (YY.YY.YY.YY)

     TCP (SYN) -----------(packet ip XX.XX.XX.1-YY.YY.YY.YY[ip.sum1, tcp.sum1] )----->
     NF_INET_POST_ROUTING ( ip XX.XX.XX.2-YY.YY.YY.YY[ip.sum2, tcp.sum2] )

     <-------TCP (SYN ACK) ------(packet ip YY.YY.YY.YY-XX.XX.XX.2[ip.sum1, tcp.sum1])
     NF_INET_PRE_ROUTING ( ip YY.YY.YY.YY-XX.XX.XX.1[ip.sum2, tcp.sum2] )


     TCP (RST) - against TCP (ACK) - that is the question ....

Open in new window


Open in new window

I have two questions about "under the hood" processes executed by Webrequest and the getresponse method.

1) I have noticed while packet capturing that, when doing a webrequest with a payload, packets starting a TCP/IP connection are sent and received *before* the getresponse method?  I would have expected the payload to be cached and sent only when the getresponse was called?

2) I have a webrequest case that has me puzzled.  It is an HTTPS URI.  All proceeds as expected (443 TCP/IP connection made before getresponse called) until the getresponse is called.  When that happens, the process attempts to create a new TCP/IP connection to the server, this one being on port 80 (not HTTPS).  Since the request is not HTTPS, the server ignores it and the process times out with a "no response from server".

What would cause the getresponse method to spawn a new connection, and why would it send it via HTTP when the original connection was made via HTTPS?  The certificate for the server is valid, and I have tried turning off the check-certificate functionality.

Thanks for any insight on both questions.

Bryan Hunt
my network is as follows:


Sonic Wall - (gateway

Just double checking, I want the SonicWALL subnet to be private.  I am a little concerned because when I am on a workstation behind the sonic wall I can ping the Comcast gateway, and navigate to the admin portal.

However, when I am directly plugged into the Comcast gateway I cannot ping the 1.1 gateway subnet.  So the SonicWALL subnet is not visible to the main comcast network.  Is my network setup and secured as intended?
Hello Experts,

We have an application which is login on CentOS 6.8 64 bit (GUI Interface) & after login generate tcp port 50000 for make connection with user.
Behind that port there are many connection connected with different-different IP (, 207.12, 207.13) & user name (user1, user2, user3):

Example Output:-
[root@CC ~]# lsof -i :50000
TCPServer 3647 rajat  245u  IPv4 156532      0t0  TCP> (ESTABLISHED)
TCPServer 3647 rajat  261u  IPv4  23354      0t0  TCP *:50000 (LISTEN)
TCPServer 3647 rajat  387u  IPv4  24955      0t0  TCP> (ESTABLISHED)

From this cmd i only check which IP is connected behind port 50000, but i want to check user name also. Please suggest.

Is there such an application that can scan ports between two devices so see there which ports are open/closed/listening?

We have two devices, each one on different sides of wireless link, on the same network, and we wish to confirm there is no issue of ports not working.

The type of app I am think is iperf but for ports.

This morning when I got to work a couple of machines could not access the internet, including my own. The only common thing is that they have all got static IP addresses for RDC connections.

main subnet =>
DHCP scope => -

my static IP =>

On the PC's which have a static address if i change them to DHCP everything works. If they are static they are not able to access anything external. Internal Sites work fine. DNS lookups work fine for both internal and external sites.

I have tried getting a dhcp address on my PC, then setting the exact same IP address manually and see the same restrictive behaviour. Everything was fine yesterday evening when we left, nothing has been changed. i cant see any updates have occurred. i have checked router settings and rebooted several times. still no joy.

Any Help would be appreciated.








Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.