I'm going to reference exam topics by number in all future posts. It's quicker. If you don't know what I'm referencing, grab a copy of the CCIE Blueprint from here- https://learningnetwork.cisco.com/docs/DOC-4374
Today's posting only covers the main topical protocols of the chapter. I intend to follow up tomorrow with a second posting regarding the related RFCs mentioned (for SNMP, syslog, NTP, etc).
Book Notes
Ch. 5, IP Services, covers the protocols ARP, Proxy ARP, RARP, BOOTP and DHCP. These are not directly related to one exam topic; instead they are knowledge you might need to understand several other topics. Those include 9.10, 9.30, and 9.40. There may be others, but I think these are the likely culprits for test questions.
ARP and proxy ARP are used by a host to learn another host's MAC address. RARP, BOOTP and DHCP are about a host getting an IP address (and related info, such as DHCP options). Related RFCs you'll want to skim, if not read entirely, are:
RFC and other resource notes
ARP Notes
RFC 826- "The world is a jungle in general, and the networking game contributes many animals."
ARP is used only for resolution in the same broadcast domain
http://docwiki.cisco.com/wiki/Internetworking_Basics
The section "Mapping Addresses" details ARP
Wireshark PCAPs
Grab the packet captures from http://wiresharkbook.com/ and check out a real ARP packet to understand its format
RARP Notes
RFC 903
RARP requires 1+ servers to maintain a mapping of MAC to IP and respond to client requests. The packet format is the same as ARP, but two new OPCODES are used- 3 and 4, request reverse and reply reverse
PCAP- http://www.pcapr.net/ has a RARP sample. Registration is required for the site
BOOTP Notes
RFC 951- BOOTP consists of 2 phases: address assignment and a file transfer (generally TFTP). Port numbers used are 68 (client) and 67 (server).
PCAP- http://www.pcapr.net/ has a BOOTP sample PCAP you can download (registration required)
DHCP Notes
RFC 2131
DHCP is an extension of BOOTP. It follows the format DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK (for a normal, working process)
PCAP
The Wireshark Book pcap file dhcp-boot.pcap shows an example of DHCP.
Today's posting only covers the main topical protocols of the chapter. I intend to follow up tomorrow with a second posting regarding the related RFCs mentioned (for SNMP, syslog, NTP, etc).
Book Notes
Ch. 5, IP Services, covers the protocols ARP, Proxy ARP, RARP, BOOTP and DHCP. These are not directly related to one exam topic; instead they are knowledge you might need to understand several other topics. Those include 9.10, 9.30, and 9.40. There may be others, but I think these are the likely culprits for test questions.
ARP and proxy ARP are used by a host to learn another host's MAC address. RARP, BOOTP and DHCP are about a host getting an IP address (and related info, such as DHCP options). Related RFCs you'll want to skim, if not read entirely, are:
- ARP- RFC 826
- Proxy ARP - RFC 1027
- RARP - RFC 903
- BOOTP - RFC 951
- DHCP - RFC 2131
- VRRP - RFC 3768
- NTP - RFC 1305
- Syslog - RFC 5424
- SNMP beginning reference - RFC 3410
- SNMP version 3 - RFC RFCs 2578–2580, 3410–3415
- SNMP ver 2c - RFC 1901
RFC and other resource notes
ARP Notes
RFC 826- "The world is a jungle in general, and the networking game contributes many animals."
ARP is used only for resolution in the same broadcast domain
http://docwiki.cisco.com/wiki/Internetworking_Basics
The section "Mapping Addresses" details ARP
Wireshark PCAPs
Grab the packet captures from http://wiresharkbook.com/ and check out a real ARP packet to understand its format
RARP Notes
RFC 903
RARP requires 1+ servers to maintain a mapping of MAC to IP and respond to client requests. The packet format is the same as ARP, but two new OPCODES are used- 3 and 4, request reverse and reply reverse
PCAP- http://www.pcapr.net/ has a RARP sample. Registration is required for the site
BOOTP Notes
RFC 951- BOOTP consists of 2 phases: address assignment and a file transfer (generally TFTP). Port numbers used are 68 (client) and 67 (server).
PCAP- http://www.pcapr.net/ has a BOOTP sample PCAP you can download (registration required)
DHCP Notes
RFC 2131
DHCP is an extension of BOOTP. It follows the format DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK (for a normal, working process)
PCAP
The Wireshark Book pcap file dhcp-boot.pcap shows an example of DHCP.
He was once accordingly observing Download Videos Tipsand brooding when someday he located a coracle drawing to the shore.
ReplyDelete