Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello ,

We are facing with a strange issue  , first of all i need to be sure  , if packet marked with SACK_PERM then does it really need to have TS , WS ?

there is nothing between SACK and MSS values  02 04 05 b4 04 02
0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 3c 7d 23 40 00 2e 06 47 3c 67 f6 c9 98 b9 09  .<}#@...G<g.....
0020   9d c4 81 5b 00 50 39 00 25 a3 00 00 00 00 a0 02  ...[.P9.%.......
0030   72 10 bb 2c 00 00 02 04 05 b4 04 02 08 0a 59 97  r..,..........Y.
0040   58 80 00 00 00 00 01 03 03 07                    X.........

Open in new window

Before Sack_Perm there is additional :      02 04 05 b4   01 01 04 02
0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 30 a6 03 40 00 7e 06 c9 84 bc 47 5a 47 b9 b6  .0..@.~....GZG..
0020   bc fa c4 22 00 35 64 18 ae 7c 16 a5 e2 49 70 02  ...".5d..|...Ip.
0030   20 00 06 04 00 00 02 04 05 b4 01 01 04 02         .............

Open in new window

what is this between MSS & SACK options in the packet ?

Independent Software Vendors: We Want Your Opinion
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Is this a mistake or  am i  checking sth wrong , how should be a packet with missing checksum ?

0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 25 8b cb 00 00 fd 11 d7 aa 89 3c 5a 64 b9 b6  .%.........<Zd..
0020   bc fa fc 5d 69 87 00 11 00 00 ff ff ff ff 55 38  ...]i.........U8
0030   55 76 03 00 00 00 00 00 00 00 00 00              Uv..........

Open in new window

What are the exact steps to lookup which company hosts a company's external DNS records?

I will be migrating a company from a corporate Gmail account to Office 365. Currently no one knows which company is being used to host this company's external DNS records. I will need to change these external DNS records to point to the Office 365 servers to successfully complete the migration from Gmail to Office 365.

I'm already familiar with using websites like but where within or other websites can I determine exactly which external DNS provider hosts a company's external DNS records including the MX records?
My issue is two fold, why can I PING an IP of a device that isn't on the network and I can't print.

I have a Datamax label printer that I just created a device description for and assigned it a new IP address, this printer is plugged into a switch, the switch is plugged into a firewall that goes through to another firewall before it gets to the IBM i.  We have two partitions, PROD and TEST.  I copied the device description and out queue from TEST to PROD to ensure they were identical on both sides.  

This printer works perfectly in TEST.  When plugged into the network I am able to print to it, I can PING its IP, TELNET to it and the trace route returns the three expected entries.  When I vary off the device and unplug it from the network I cannot PING it from the IBM i nor the network, I cannot TELNET to it and the trace route only returns the two expected entries.  All as it should be.  

However, in PROD I am unable to print to the device.  When I release a spool file it goes right to RDY status and the writer gets error CPD337F Error CPD337F.  I have verified that the port and IP are correct, I have verified that the remote device is not busy, I have verified that the printer is on line.  I can PING its IP from both the IBM i and the network but I cannot TELNET to it and the trace route returns only two of the three expected entries.  When I vary off the device and unplug it from the network I can still PING it from the IBM i but not from the network, I …
Hello -

I presently have a CIsco ASA 5505 (running ASA version 8.2(1) ) sitting behind my Comcast Business gateway. I have a static public IP through Comcast. The Comcast gateway is in pass-through mode (i.e. its LAN DHCP, WiFi, and MoCa are turned off).

I have configured my Cisco with the necessary VLANs and interfaces such that I have an inside network of and a DMZ of

I am fairly certain that I have the correct NAT and ACL settings done.

From the ASA, I can successfully ping my Comcast static IP and the Comcast gateway address - but nothing else. And, of course, any client devices connected to either the ASA's inside interfaces or DMZ cannot access the Internet.

FWIW, I have also checked with Comcast to make sure there are no compatibility issues with their device and Cisco ASAs (because I'm only getting an orange LED on the Comcast gateway's Ethernet port - no green link light). The ASA is set to auto duplex and speed.

If I configure a laptop with the static IP and plug it directly into the Comcast gateway, it works fine.

I have attached a text file with my ASA configuration.

Can anyone suggest a possible fix?

Thanks much.
How to enable Mysql server access through TCP/IP
where mysql installed in Centos machine.,.I am trying to access using mysql workbench it through TCP/IP but throwing error .. attached screenshot.
Where as when I select TCP/IP over SSH .. I can able to connect .
I have a classroom of PC's that I need to connect an IP printer to and I'd like to do it quickly.
I'm conducting a training session so I have no admin rights.  But I can CONTROL PANEL=>Add a printer=>Create a new port=>STandard TCPIP port, etc. etc.
How can I make this process quicker so that I don't have to spend so much time at each pc?
I'm thinking some sort of batch file?
What is the process to determine which company hosts an organization's external DNS MX records?
I have disabled the Windows Firewall of my Windows 2012 R2 server, When I telnet to localhost 445, it is ok, but when I tenet to the actual IP 445, it fails.

Anyone have idea of why?

I need the tcp/445 for remote log pulling from a SIEM connector.

Here is a simple example of CIDR IP blocks

I would like to change them into

So from 4 IP blocks to change them into 1 IP block.

I know how to manually aggregate CIDR blocks, but I have over 5.000 IP blocks.

I’m looking for a tool that will automatically combine adjacent IP blocks into larger IP block.
ATEN's HDBaseT Presentation at InfoComm 2017
ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

I'm receiving this error among others, listed after. I have no idea why this error is coming up! how do I address?

Event 4879 MSDTC Client 2
MSDTC encountered an error (HR=0x80000171) while attempting to establish a secure connection with system SERVERNAME.

More errors that I don't understand and one that Microsoft doesn't even seem to know about (starting with that one)

The error that MS has no info on in Event ID Online help
Event 4230 TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.  This could be related to a problem in the TCP global or supplemental configuration and will cause degraded throughput.
I have a multi host cluster using a Distributed Switch on esx. I have 50 ports and 29 available. Currently there are at least 6 vm's running server 2012 with static LAN addresses and have WAN connectivity.  I just created 6 more vm's and assigned static addreses but cannot get WAN. I have verified subnet/gateway etc. I am able to ping the domain controllers and gateway when there is a static assignment. When set with a DHCP address, the servers have WAN. I have tried to remove the virtual NIC, reset tcp/ip stack. I cannot figure why i get no connection on a static address but do on DHCP. I have even tried to enter the DHCP settings manually, exactly the same. Any ideas?
I am connected Biometric Attendance Machine to my system using the Ethernet cable. I assigned IP of the biometric machine and computer system.
When I am doing ping biometric machine I am getting error " Destination Host Unreachable "

I set upIP  of the machine is:
Subnet Mask:

Where as sytem IP
Subnet Mask :
Default Gateway :

I tried by USB connection too but getting failed to connect in ZKTECO BIOMETRIC Software.

Recently had a perculiar issue with clients on one of our customers networks that stopped being able to lookup names on the internal network, losing network drives, gpo etc as a result.

DHCP is served by windows server 2008 DC with DNS service also hosted on this with the relevant pointers to this set up in DHCP.

We ended up having to statically set the DC name in the HOSTS file until I looked at this onsite this morning, I noticed a nslookup was resolving the router as the dns service instead of the DC. Powering off the router and running the same nslookup and it resolved to the DC. DNS and DHCP were both disabled on the router.

I made a change to the Interface in DNS as it was set to 'Listen On All IP addresses' I changed this to 'Listen on specific IP' which was the IP of the DC(Itself). Flushed the cache on the clients, restarted them they got the gpo, drive mappings, and I could resolve the server by name.

However, a nslookup still resulted in the router name rather than the DC name, despite obviously being able to resolve hosts on the network.

I then disabled ipv6 on one of the clients nics and hey presto a nslookup resolved to the IP of the DC, if I re-enable ipv6 on the nic it reverts back to resolving the router.

My thoughts are that the client isn't able to resolve the DC by ipv6 so it is reverting to the server for some reason, perhaps because of forwarders/root hints set up in DNS.

They are up and running again but I have noticed …
I have a remote site with no local tech support. The gateway is a Fortigate firewall. Recently, when trying to sign in to edit firewall rules, I have started getting a logon prompt describing level 15 access and referencing an IOS certificate that cannot be verified. Sometimes it allows the https Fortinet web page login, and sometimes it produces the logon box- obviously a Cisco device. I have tried using an IP scanner but it doesn't allow to browse that IP (Advanced IP Scanner has a dropdown that allows you to see available resources at an IP, such as web pages and FTP sites), and I have not been able to connect via SSH (The only shell option I have is within the Fortigate web administration, and I can't get the page to load reliably for obvious reasons). This site is 3/4 of the way across the country so traveling there is out of the question. I cannot just re-IP the Fortigate for two reasons: I can't get it to save changes, and I can't take down the plant's production gateway from across the country without any kind of guarantee that I'll be able to rescue the device or limit downtime. My goal is to identify the Cisco device, possibly by obtaining the serial number so I can find out who owns it and have them correct it's IP address. I'll welcome any advice as to how to get to that point... Anyone? I appreciate your help.
Need to refresh DHCP IP address reassign Needed to command
Michelle Phillips
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens. Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my now good bipolar friendly software.
First, If I am correct:
Standard Access-list  can match traffic based on Source IP address only
Extended Access-list can match traffic based on Source/Destination IP address , port number, protocol, etc...

well, there is also  Named Access-list. We can have Standard Named Access-list and Extended Named Access-list
  Is Standard Named Access-list similar to Standard Access-list, it can match traffic based on Source IP address only ?
Is Extended Named Access-list  similar to Extended  Access-list ,it can match traffic based on Source/Destination IP address , port number, protocol, etc. ?

Thank you
I need to know the difference between :

Access-List 100 permit .....
IP Access-list extended 100.  
  ip access-list extended name

if I have forgotten other access-list types , please list and explain it :)

Thank you
Plug and play, no additional software required!
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

Hello Everyone!

We had some security cameras installed and the installer asked me to open port 8000 for the dvr.  We have a Sonicwall 1260 Pro and I followed the instructions for port forwarding.  I created the service for both TCP/UDP, port 8000 and then created the group.  I used the public server wizard to allow public access to the camera ip.  After everything was complete I used the site,, to check if port 8000 was open.  Unfortunately, the port is still closed.  I'm stuck figuring what I could be doing wrong.  We do have 2 static ips for the site.  The other ip is used for the fax machine line.  i don't know if this could cause the problem.  Any help is appreciated.

Router: SonicWall 1260 Pro
ISP: Cox
Camera IP:
Port: 8000
In the example below, which wildcard mask will cover  the 4 subnets only

I though is correct, but it will cover more than those 4 subnets.

Any wildcard mask calculator link, will be helpful.

We have an odd situation.

It's a hodgepodge network in a franchisor's location.

It's technically administered from head office on the other side of the country but they get me to do some of the work as I'm less annoying than the main IT.

Windows Server 2012 peer-to-peer system

#1. A windows 7 Professional station gave hard drive warnings (failure imminent) and infection notices
#2. Took station, cloned drive onto SSD
#3. autologon for computer was now erroring out. Had no idea what old password was, created new one with autologon in the registry
$4. Disinfected computer via Malwarebytes and installed Barkly endpoint
#5. Find out that the server is used to access 3 shared folders via peer to peer on the station and that it can't access the shares

At this point I figure that the issue is simply related to the password change, but no.

The server is unable to ping the station, either by name or by ip address. However, the station can ping the server by both name and ip address.

It looked to me as if DNS was incorrectly configured on the server (typo), so I fixed. ( to

#1. I've tried repair network on both.
#2. ipconfig /flushdns on both
#3. rebooted one or both after each or every other change
#4. turned off homegroup on station
#5. changed station network type from home to work
#6. created hosts file entry for station name to ip address
#7. tried to ping TCP/ip 6 address (no go)
#8. checked for saved credentials on the …
Hi guys,

I am a network engineer and I have a requirement where I was asked to design IP PBX system with  Analog phones
can I use cat6A cable, CAT6A patch panels or I have to consider 110block?

Can anyone please guide here, it's very urgent...........
What is the difference between Internet Protocol (TCP/IP) Enabled or Industrial standard (modbus, profibus, etc) enabled communications with HVAC systems for the data center?
Let me start off by saying I'm in no way shape or form a network engineer. I am an IT Generalist and I'm in the process of trying to figure out why some remote IP phones have stopped working for a client. I don't want to get too into the weeds, but I've looked at and compared traffic from working equipment to this non working system. What I've seemed to have boiled it down to is:

Working: Phone tries to communicate on Port 6801 with server, server sends RST, ACK - phone then tries Port 6802 - same. Finally phone tries port 6800 and everything works fine.

Non-working: Phone tries to communicate on Port 6801, receives back a RST (without ACK). Phone continually tries to communicate on port 6801 until it reboots and starts over.

I've captured traffic at the server, at the firewall and at the phone. It seems like the packets are leaving the server as RST, ACK, leaving the Firewall as RST, ACK but arriving at the remote location as RST.

I'm looking for ideas on what could cause this?






Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.