Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17







Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.

Share tech news, updates, or what's on your mind.

Sign up to Post

what are the things to check before IP change on windows server?
How to find what all application has IP hard coded? any tools to find what all application are dependent on old IP?
Change of reverse lookup ip on pointer record and host A record and static IP on server and anything else need to be change after changing static IP on server
Enroll in September's Course of the Month
LVL 10
Enroll in September's Course of the Month

This month’s featured course covers 16 hours of training in installation, management, and deployment of VMware vSphere virtualization environments. It's free for Premium Members, Team Accounts, and Qualified Experts!

Google Photo's "Backup & Sync" tool is making my internet connection unusable when I'm uploading photos from my desktop.  I have another desktop & laptop, all on the same WiFi.

I do see I can limit upload and download speed.


If the desktop is the only device requesting bandwidth, I presume that would get all of the bandwidth.

However, when I start using my laptop, shouldn't it share the connection and play nice?

My Comcast is normally 30 Mbps down and 5 Mbps up when I'm not uploading.

When uploading without specifying a limit, it can drop to under 1 download and 1 upload.

I just specified a limit of 400 KB/sec and download limit to 1800 KB/sec to see if that helps.

I need to register a couple internet domain names.

What are the lowest priced internet domain name registrars?
Please help me understand about ARP.
I know the local ARP table is cached and records also can be manually added. But how come when I ping a remote IP it doesn't automatically create a corresponding ARP table record?
Hello ,

I have 2 questions about timestamp ;

1. I have try to convert time stamp value to normal time but it was returned anormal dates :) what is the format of this TS val ?
2. As far as i read on the http://www.networksorcery.com/enp/protocol/tcp/option008.htm 

This field is only valid if the ACK bit is set in the TCP header.

but nearly all SYN packets in normal traffic not a DDOS has TSval  while ack was not sScreen-Shot-2017-08-27-at-18.05.41.pnget
Hello ,

Any body know a wiki that show all legal and illegal combination of tcp-flags for ipv4 ?

Thank you for the help
Understanding IPv6  address range

I have done some reading online about IPv6. I want to know if IPv6 global unicast address is the equivalent of IPv4 Public address.

- what is the range dedicated just for Global unicast addresses ?
in the examples I have seen about IPv6 Global address usually starts with 2000,2001.2002. are there more than that ?

-Is there any Global Multicast Address ? if so , then What is the Range
-Is there any Local Multicast address ? if so , then what is the range?

Thank you
I will be migrating a Google Gmail email domain to Office 365.

I have gone through and completed all the required steps as documented on the Migration Wiz website to do this.

I have created the required TXT record within this company's external DNS provider (asmallorange.com) and have been told by the Office 365 domain wizard that I need to add the records shown in the screenshot to our external DNS provider (asmallorange.com).

Is it possible for me to add these records to our external DNS provider (asmallorange.com) while leaving the existing records for Gmail in place?

I want emails to continue to go to user's email accounts within Gmail. The only thing I want to do now is to finish the domain verification of the domain name that is currently being used by Google/Gmail so I can then use the migrationwiz.com website to migrate the email from the Gmail servers to the Office 365 servers.

Then once this migration has completed I will replace the external DNS Gmail email records with the Office 365 DNS records shown in the screenshot and will create new Outlook profiles for all users so Outlook will connect to the Office 365 servers for email.

What I need to do now is to finish the email domain verification within Office 365 so I can then perform the migration wiz migrations (while we coninue to use Gmail as our email service provider--but I don't want to interrupt any future emails from arriving at the Gmail servers until I officially cut the online DNS …
Hello ,

We are facing with a strange issue  , first of all i need to be sure  , if packet marked with SACK_PERM then does it really need to have TS , WS ?

there is nothing between SACK and MSS values  02 04 05 b4 04 02
0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 3c 7d 23 40 00 2e 06 47 3c 67 f6 c9 98 b9 09  .<}#@...G<g.....
0020   9d c4 81 5b 00 50 39 00 25 a3 00 00 00 00 a0 02  ...[.P9.%.......
0030   72 10 bb 2c 00 00 02 04 05 b4 04 02 08 0a 59 97  r..,..........Y.
0040   58 80 00 00 00 00 01 03 03 07                    X.........

Open in new window

Before Sack_Perm there is additional :      02 04 05 b4   01 01 04 02
0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 30 a6 03 40 00 7e 06 c9 84 bc 47 5a 47 b9 b6  .0..@.~....GZG..
0020   bc fa c4 22 00 35 64 18 ae 7c 16 a5 e2 49 70 02  ...".5d..|...Ip.
0030   20 00 06 04 00 00 02 04 05 b4 01 01 04 02         .............

Open in new window

what is this between MSS & SACK options in the packet ?

Is this a mistake or  am i  checking sth wrong , how should be a packet with missing checksum ?

0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 25 8b cb 00 00 fd 11 d7 aa 89 3c 5a 64 b9 b6  .%.........<Zd..
0020   bc fa fc 5d 69 87 00 11 00 00 ff ff ff ff 55 38  ...]i.........U8
0030   55 76 03 00 00 00 00 00 00 00 00 00              Uv..........

Open in new window

Connect further...control easier
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

What are the exact steps to lookup which company hosts a company's external DNS records?

I will be migrating a company from a corporate Gmail account to Office 365. Currently no one knows which company is being used to host this company's external DNS records. I will need to change these external DNS records to point to the Office 365 servers to successfully complete the migration from Gmail to Office 365.

I'm already familiar with using websites like MXtoolbox.com but where within MXtoolbox.com or other websites can I determine exactly which external DNS provider hosts a company's external DNS records including the MX records?
My issue is two fold, why can I PING an IP of a device that isn't on the network and I can't print.

I have a Datamax label printer that I just created a device description for and assigned it a new IP address, this printer is plugged into a switch, the switch is plugged into a firewall that goes through to another firewall before it gets to the IBM i.  We have two partitions, PROD and TEST.  I copied the device description and out queue from TEST to PROD to ensure they were identical on both sides.  

This printer works perfectly in TEST.  When plugged into the network I am able to print to it, I can PING its IP, TELNET to it and the trace route returns the three expected entries.  When I vary off the device and unplug it from the network I cannot PING it from the IBM i nor the network, I cannot TELNET to it and the trace route only returns the two expected entries.  All as it should be.  

However, in PROD I am unable to print to the device.  When I release a spool file it goes right to RDY status and the writer gets error CPD337F Error CPD337F.  I have verified that the port and IP are correct, I have verified that the remote device is not busy, I have verified that the printer is on line.  I can PING its IP from both the IBM i and the network but I cannot TELNET to it and the trace route returns only two of the three expected entries.  When I vary off the device and unplug it from the network I can still PING it from the IBM i but not from the network, I …
Hello -

I presently have a CIsco ASA 5505 (running ASA version 8.2(1) ) sitting behind my Comcast Business gateway. I have a static public IP through Comcast. The Comcast gateway is in pass-through mode (i.e. its LAN DHCP, WiFi, and MoCa are turned off).

I have configured my Cisco with the necessary VLANs and interfaces such that I have an inside network of 10.0.10.xxx and a DMZ of 192.168.10.xxx.

I am fairly certain that I have the correct NAT and ACL settings done.

From the ASA, I can successfully ping my Comcast static IP and the Comcast gateway address - but nothing else. And, of course, any client devices connected to either the ASA's inside interfaces or DMZ cannot access the Internet.

FWIW, I have also checked with Comcast to make sure there are no compatibility issues with their device and Cisco ASAs (because I'm only getting an orange LED on the Comcast gateway's Ethernet port - no green link light). The ASA is set to auto duplex and speed.

If I configure a laptop with the static IP and plug it directly into the Comcast gateway, it works fine.

I have attached a text file with my ASA configuration.

Can anyone suggest a possible fix?

Thanks much.
I have a classroom of PC's that I need to connect an IP printer to and I'd like to do it quickly.
I'm conducting a training session so I have no admin rights.  But I can CONTROL PANEL=>Add a printer=>Create a new port=>STandard TCPIP port, etc. etc.
How can I make this process quicker so that I don't have to spend so much time at each pc?
I'm thinking some sort of batch file?
What is the process to determine which company hosts an organization's external DNS MX records?
I have disabled the Windows Firewall of my Windows 2012 R2 server, When I telnet to localhost 445, it is ok, but when I tenet to the actual IP 445, it fails.

Anyone have idea of why?

I need the tcp/445 for remote log pulling from a SIEM connector.

I have a multi host cluster using a Distributed Switch on esx. I have 50 ports and 29 available. Currently there are at least 6 vm's running server 2012 with static LAN addresses and have WAN connectivity.  I just created 6 more vm's and assigned static addreses but cannot get WAN. I have verified subnet/gateway etc. I am able to ping the domain controllers and gateway when there is a static assignment. When set with a DHCP address, the servers have WAN. I have tried to remove the virtual NIC, reset tcp/ip stack. I cannot figure why i get no connection on a static address but do on DHCP. I have even tried to enter the DHCP settings manually, exactly the same. Any ideas?
I am connected Biometric Attendance Machine to my system using the Ethernet cable. I assigned IP of the biometric machine and computer system.
When I am doing ping biometric machine I am getting error " Destination Host Unreachable "

I set upIP  of the machine is:
Subnet Mask:

Where as sytem IP
Subnet Mask :
Default Gateway :

I tried by USB connection too but getting failed to connect in ZKTECO BIOMETRIC Software.

Recently had a perculiar issue with clients on one of our customers networks that stopped being able to lookup names on the internal network, losing network drives, gpo etc as a result.

DHCP is served by windows server 2008 DC with DNS service also hosted on this with the relevant pointers to this set up in DHCP.

We ended up having to statically set the DC name in the HOSTS file until I looked at this onsite this morning, I noticed a nslookup was resolving the router as the dns service instead of the DC. Powering off the router and running the same nslookup and it resolved to the DC. DNS and DHCP were both disabled on the router.

I made a change to the Interface in DNS as it was set to 'Listen On All IP addresses' I changed this to 'Listen on specific IP' which was the IP of the DC(Itself). Flushed the cache on the clients, restarted them they got the gpo, drive mappings, and I could resolve the server by name.

However, a nslookup still resulted in the router name rather than the DC name, despite obviously being able to resolve hosts on the network.

I then disabled ipv6 on one of the clients nics and hey presto a nslookup resolved to the IP of the DC, if I re-enable ipv6 on the nic it reverts back to resolving the router.

My thoughts are that the client isn't able to resolve the DC by ipv6 so it is reverting to the server for some reason, perhaps because of forwarders/root hints set up in DNS.

They are up and running again but I have noticed …
Plug and play, no additional software required!
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

I have a remote site with no local tech support. The gateway is a Fortigate firewall. Recently, when trying to sign in to edit firewall rules, I have started getting a logon prompt describing level 15 access and referencing an IOS certificate that cannot be verified. Sometimes it allows the https Fortinet web page login, and sometimes it produces the logon box- obviously a Cisco device. I have tried using an IP scanner but it doesn't allow to browse that IP (Advanced IP Scanner has a dropdown that allows you to see available resources at an IP, such as web pages and FTP sites), and I have not been able to connect via SSH (The only shell option I have is within the Fortigate web administration, and I can't get the page to load reliably for obvious reasons). This site is 3/4 of the way across the country so traveling there is out of the question. I cannot just re-IP the Fortigate for two reasons: I can't get it to save changes, and I can't take down the plant's production gateway from across the country without any kind of guarantee that I'll be able to rescue the device or limit downtime. My goal is to identify the Cisco device, possibly by obtaining the serial number so I can find out who owns it and have them correct it's IP address. I'll welcome any advice as to how to get to that point... Anyone? I appreciate your help.
First, If I am correct:
Standard Access-list  can match traffic based on Source IP address only
Extended Access-list can match traffic based on Source/Destination IP address , port number, protocol, etc...

well, there is also  Named Access-list. We can have Standard Named Access-list and Extended Named Access-list
  Is Standard Named Access-list similar to Standard Access-list, it can match traffic based on Source IP address only ?
Is Extended Named Access-list  similar to Extended  Access-list ,it can match traffic based on Source/Destination IP address , port number, protocol, etc. ?

Thank you
I need to know the difference between :

Access-List 100 permit .....
IP Access-list extended 100.  
  ip access-list extended name

if I have forgotten other access-list types , please list and explain it :)

Thank you
Hello Everyone!

We had some security cameras installed and the installer asked me to open port 8000 for the dvr.  We have a Sonicwall 1260 Pro and I followed the instructions for port forwarding.  I created the service for both TCP/UDP, port 8000 and then created the group.  I used the public server wizard to allow public access to the camera ip.  After everything was complete I used the site, http://www.yougetsignal.com/, to check if port 8000 was open.  Unfortunately, the port is still closed.  I'm stuck figuring what I could be doing wrong.  We do have 2 static ips for the site.  The other ip is used for the fax machine line.  i don't know if this could cause the problem.  Any help is appreciated.

Router: SonicWall 1260 Pro
ISP: Cox
Camera IP:
Port: 8000
In the example below, which wildcard mask will cover  the 4 subnets only

I though is correct, but it will cover more than those 4 subnets.

Any wildcard mask calculator link, will be helpful.

We have an odd situation.

It's a hodgepodge network in a franchisor's location.

It's technically administered from head office on the other side of the country but they get me to do some of the work as I'm less annoying than the main IT.

Windows Server 2012 peer-to-peer system

#1. A windows 7 Professional station gave hard drive warnings (failure imminent) and infection notices
#2. Took station, cloned drive onto SSD
#3. autologon for computer was now erroring out. Had no idea what old password was, created new one with autologon in the registry
$4. Disinfected computer via Malwarebytes and installed Barkly endpoint
#5. Find out that the server is used to access 3 shared folders via peer to peer on the station and that it can't access the shares

At this point I figure that the issue is simply related to the password change, but no.

The server is unable to ping the station, either by name or by ip address. However, the station can ping the server by both name and ip address.

It looked to me as if DNS was incorrectly configured on the server (typo), so I fixed. ( to

#1. I've tried repair network on both.
#2. ipconfig /flushdns on both
#3. rebooted one or both after each or every other change
#4. turned off homegroup on station
#5. changed station network type from home to work
#6. created hosts file entry for station name to ip address
#7. tried to ping TCP/ip 6 address (no go)
#8. checked for saved credentials on the …






Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.