Microsoft® Windows® Server 2003 TCP/IP Protocols and Services Technical Reference

Author: Joseph Davies and Thomas Lee
Pages: 768
Disk: 1 Companion CD(s)
Level: Int/Adv
Published: 02/26/2003
ISBN: 9780735612914
Price: $49.99
Index
Numbers
3DES encryption algorithm, 613-14
16-character NetBIOS names, 477-78
32-bit subnet mask, 233
A
AAAA queries, 428
AAAA resource records, 270, 427-28, 441
AAL (ATM Adaptation Layer), 57
AAL5 (ATM Adaptation Layer 5), 58-62
framing, 58-59
multiprotocol encapsulation, 61-62
sending IP datagrams, 59-60
sublayers, 57
AAL5 Segmentation Flag field, 54
ABR (area border router), 207
Accept field, HTTP Request message, 567
Accept-Charset field, HTTP Request message, 567
Accept-Encoding field, HTTP Request message, 567
Accept-Language field, HTTP Request message, 567
Accept-Ranges field, HTTP Response message, 570
Access Control field, IEEE 802.5 frame, 17-18
Access-Accept message, RADIUS Authentication, 546-47
Access-Challenge message, RADIUS Authentication, 545, 547
Access-Reject message, RADIUS Authentication, 546-47
Access-Request message, RADIUS Authentication, 544-45, 547
ACCM (Asynchronous Control Character Map), 42, 85
accounting, RADIUS, 518, 524-29, 547-51
Accounting Start message, RADIUS Accounting, 518
Accounting Stop message, RADIUS Accounting, 518
Accounting-Request message, RADIUS Accounting, 548-50, 551
Accounting-Response message, RADIUS Accounting, 551
Acct-Delay-Time attribute, 538
Acct-Input-Octets attribute, 538
Acct-Input-Packets attribute, 539
Acct-Link-Count attribute, 540
Acct-Multi-Session-Id attribute, 539
Acct-Output-Octets attribute, 538
Acct-Output-Packets attribute, 539
Acct-Session-Id attribute, 539
Acct-Session-Time attribute, 539
Acct-Status-Type attribute, 538
Acct-Terminate-Cause attribute, 539
ACK flag, 292, 313-14, 322, 328
ACK segment
TCP connection, 314-15
TCP connection termination, 323-26
TCP data flow, 334-36
Acknowledgment Number field, TCP header, 288, 311, 313-14, 322, 366
acknowledgements. See TCP Acknowledgements
Active Directory, 416
replication, 424, 438
zone transfer, 437
Active Directory-integrated zones, 414, 416
resource records, 441
zone replication, 424
adapter status, 466, 471-72
Additional RR Count field
DNS messages, 444
NetBIOS Name Service messages, 475
Address 1 field, IEEE 802.11 frame, 30
Address 2 field, IEEE 802.11 frame, 31
Address 3 field, IEEE 802.11 frame, 31
Address 4 field, IEEE 802.11 frame, 31
address conflict exchange, 75-76
Address field
frame relay encapsulation, 50-52
LCP compression option, 85
PPP encapsulation, 39
Address Mask field, ICMP message, 233
Address Mask Reply message, 233-34
Address Mask Request message, 233-34
address masks. See subnet masks
Address Recognized indicator, 26
address resolution, 271
Address Resolution Protocol. See ARP (Address Resolution Protocol)
address space
allocating, 171
IPv4 limitations, 265-66
IPv6 improvements, 267
private addresses, 173-74
public addresses, 172-73
Addresses Entry Size field, ICMP message, 228-29
addressing
IPv6, 267-70
LAN encapsulation, 3
WAN encapsulation, 35
adjacencies, 206
Age field, HTTP Response message, 570
agent-driven content negotiation, 576
AH (Authentication header), IPSec. See Authentication header (AH)
algorithms
congestion avoidance, 352-53
dead gateway detection, 360-61
encryption, 613-14, 657
fast recovery, 372
Karn's, 368-70
Nagle, 346-47
slow start, 349-52
aliases, resolving, 433-35
all-ones subnets, 165-66
Allow field, HTTP Response message, 572
all-subnets-directed broadcast address, 166, 177-78
all-subnets-directed broadcast routes, 191-92
all-zeros subnets, 165-66
ALOHA system, 4
American National Standards Institute (ANSI), 24
Answer Count field
DNS Name Query Response message, 450
NetBIOS Name Service message, 474
Answer Entry field, DNS Name Query Response message, 450
Answer RR Count field, DNS message, 443
antireplay, 612
anycast IP addresses, 268
APIPA (Automatic Private IP Addressing), 175-76
DHCP servers and, 380-81
registry settings, 175-76
Application Layer protocol, 278
architecture
ATM technology, 55-57
VPN tunneling, 655
area border router (ABR), 207
ARP (Address Resolution Protocol), 63-79
cache, 64-66
frame structure, 68-73
gratuitous, 73-76
inverse (InARP), 76
MAC address updates, 66
messages, 64
multicast IP traffic, 245-46
overview of, 63-64
proxy, 77-79
registry settings, 66-68
ARP frame structure, 68-73
ARP Request/Reply example, 71-73
Frame Padding field, 73
hardware type values, 69
header fields, 69-71
Network Monitor trace, 71-72
operation values, 70
ARP Reply message, 64, 71-73
ARP Request message, 64, 71-73
ARPA top-level domain, 411
ArpAlwaysSourceRoute registry setting, 68
ARPANET, 409, 588
ArpCacheLife registry setting, 65-66
ArpCacheMinReferencedLife registry setting, 65-66
ArpRetryCount registry setting, 74
ArpTRSingleRoute registry setting, 67
ArpUseEtherSNAP registry setting, 14, 67
article body, 589
ARTICLE command, 592
article headers, 589
article number, 589
ASCII data type, 582
ASs (autonomous systems), 208
Asynchronous Control Character Map (ACCM), 42, 85
asynchronous links, 41-42
ATM Adaptation Layer. See AAL (ATM Adaptation Layer)
ATM Adaptation Layer 5. See AAL5
ATM (cell relay) technology, 52-62
architecture, 55-57
header format, 53-55
IP MTU, 115
ATM Cell Type field, 54
ATM Layer, 56-57
atomic updates, 435
ATRN command, 606
attributes
IPP, 505, 508-13
RADIUS, 520, 527-29, 535-43
AUTH command, 606
Authenticate-Ack message, 89-90
Authenticate-Nak message, 89-90
Authenticate-Request message, 89
authentication
certificate, 642-44
CHAP, 90-92
data origin, 612
EAP, 96-100
IPSec, 616-19, 640-45
Kerberos, 640-42
MS-CHAP, 92-94
MS-CHAP v2, 94-96
PAP, 88-90
peer, 612
PPP, 82, 88-100
preshared key, 644-45
RADIUS, 517-18, 520-24, 544-47
Authentication Data field
IPSec Authentication header, 617
IPSec ESP trailer, 620-21
Authentication header, IPSec, 616-19
fields, 616-17
structure, 616
transport mode, 617-19
tunnel mode, 619
Authentication Protocol, 85
Authenticator field, RADIUS messages, 534
AUTHINFO command, 592
AUTHINFO PASS command, 593
AUTHINFO SIMPLE command, 593
AUTHINFO USER command, 592
Authoritative Answer field
DNS Flags field, 445
NetBIOS Flags field, 476
Authority RR Count field, DNS message, 444
Authorization field, HTTP Request message, 567
Automatic Private IP Addressing. See APIPA (Automatic Private IP Addressing)
autonet. See APIPA (Automatic Private IP Addressing)
autonomous systems (ASs), 208
Auxiliary Data field, IGMPv3 messages, 259
Auxiliary Data Length field, IGMPv3 messages, 259
B
Backward Explicit Congestion Notification (BECN), 52
Banyan Vines, 410
Basic Rate Interface (BRI) line, 43
batch oplocks, 501
BECN (Backward Explicit Congestion Notification), 52
BGP-4 (Border Gateway Protocol version 4), 168, 208
binary subnetting method, 158, 161-63
binary to decimal conversion, 148
bit stuffing, 42
bit-level integrity check
LAN encapsulation, 3-4
WAN encapsulation, 36
bit-wise logical AND method, 156-57, 188
block mode data transfer, 585
B-Node (Broadcast Node), 458
Microsoft modified, 459
name registration, 466
name resolution, 461
BODY command, 593
Boot File Name field, DHCP messages, 389
Boot Protocol (BOOTP), 178, 382
Border Gateway Protocol version 4 (BGP-4), 168, 208
BRI (Basic Rate Interface) line, 43
Broadcast field, NetBIOS Flags field, 476
broadcast IP addresses, 147, 176-78
all-subnets-directed, 177-78
limited, 178
network, 177
subnet, 177
broadcast links, 184-85
Broadcast Node. See B-Node (Broadcast Node)
buffering, 277
byte stream, 285-86
C
CA (certification authority), 637, 642
cache
ARP, 64-66
HTTP, 554, 577
negative, 421
resolver, 421
cacheable resources, 554
Cache-Control field, HTTP message, 573
callback, 82, 101-6
Callback Control Protocol (CBCP), 101
Calling-Station-Id attribute, 537
Cancel-Job IPP operation, 508
Canonical Name (CNAME), 413, 433, 441
CBC (cipher block chaining), 613
CBCP (Callback Control Protocol), 101
CCP (Compression Control Protocol), 103-4
list of options, 103
MPPE and MPPC options, 103-4
CDDI (Copper Data Distributed Interface), 24
Cell Loss Priority (CLP) field, ATM cell header, 55
cell relay technology. See ATM (cell relay) technology
certificate authentication, 642-44
Certificate payload, ISAKMP messages, 638, 643
Certificate Request payload, ISAKMP messages, 637, 643
certificate revocation list (CRL), 644
Certificate Type field, ISAKMP payload, 637
certification authority (CA), 637, 642
CHAP (Challenge Handshake Authentication Protocol), 90-92, 521. See also MS-CHAP (Microsoft Challenge Handshake Authentication Protocol)
MD5 algorithm, 90-91
message structure, 91-92
CHAP-Challenge attribute, 540
CHAP-Password attribute, 536
character stuffing, 37
CHECK command, 593
checksum, 611
Checksum field
ICMP messages, 212
IGMP messages, 251, 255, 259
TCP messages, 288
UDP messages, 280
chunked transfer coding, 575
CIDR, 169-74
allocation views, 170-71
private addresses, 173-74
public addresses, 172-73
routing and, 172
CIDR blocks, 170
CIFS (Common Internet File System), 491-513. See also IPP (Internet Printing Protocol)
bit definitions of server capabilities, 497
connection establishment, 494-98
connection management, 499
disconnecting sessions, 499
distributed file system operations, 499-500
file and printer access, 499
file sharing steps, 493-94
name resolution, 494-98
NEGOTIATE response, 496
opportunistic locks, 500-501
overview of, 492-93
read-ahead and write-behind operations, 500
session operations, 498
SESSION SETUP ANDX SMB components, 497-98
SMB dialects, 495
cipher block chaining (CBC), 613
CIR (committed information rate), 49
Class attribute, 537
Class A address, 150
Class B address, 151
Class C address, 151
Class D address, 151
Class E address, 151
class C network IDs, 170-71
class-based network routes, 190
class-based routing, 201-2
classes
IP address, 150-51
query, 418
resource record, 439
classical IP over ATM, 59
classless routing, 202
Client Class Information option, DHCPREQUEST message, 394
Client Class option, DHCPDISCOVER message, 390
Client Hardware Address field, DHCP messages, 389
Client Identifier option, 405
DHCPDECLINE message, 398
DHCPDISCOVER message, 390
DHCPRELEASE message, 401
DHCPREQUEST message, 394
Client IP Address field, DHCP messages, 389
clients
DHCP, 376
DNS, 418, 420-21, 430-31
FTP, 579-81
HTTP, 554
news, 588
SMTP, 603
VPN, 653
CLOSE WAIT connection state, 329
CLOSED connection state, 329, 332
CLOSING connection state, 329
CLP (Cell Loss Priority) field, ATM cell header, 55
CNAME (Canonical Name), 413, 433, 441
Code field
CHAP messages, 91-92
EAP messages, 97-98, 100
ICMP messages, 212
LCP frame, 83
MS-CHAP Response message, 93
MS-CHAP v2 Response message, 95
PAP messages, 89-90
PPPoE frame, 107
RADIUS messages, 533
code values
Destination Unreachable messages, 216-17
Parameter Problem messages, 232
Redirect messages, 226
coding methods, 575
colon-decimal notation, 268
Command/Response (C/R) field, Frame Relay Address field, 52
command-line utilities, 193
commands. See also specific commands
FTP, 578, 586
NNTP, 592-600
SMTP, 606-8
committed information rate (CIR), 49
Common Internet File System. See CIFS
Common Part Indicator field, AAL5 frame, 58
Communication Administratively Prohibited Because of Firewalls message, 217
Communication with Destination Host Administratively Prohibited message, 217
Communication with Destination Network Administratively Prohibited message, 217
Compress format, 575
compressed mode data transfer, 585
Compressed SLIP (C-SLIP), 38
Compression Control Protocol. See CCP (Compression Control Protocol)
compression schemes, 657
configuration
automatic, 267
IPv4, 266
Configure-Ack message, 86
Configure-Nak message, 86
Configure-Reject message, 86
congestion avoidance algorithm, 352-53
congestion collapse, 356-57
congestion window (cwind variable), 349
congestion avoidance algorithm and, 352-53
fast recovery algorithm and, 372
slow start algorithm and, 349-52
CONNECT method, 560
Connection field, HTTP message, 573
connection management, 499
connections
PPP, 81-82
TCP, 285, 309-32
content codings, 575
content negotiation, 575-77
agent-driven, 576
server-driven, 576-77
transparent, 577
Content-Encoding field, HTTP Response message, 572
Content-Language field, HTTP Response message, 572
Content-Length field, HTTP Response message, 572
Content-Location field, HTTP Response message, 572
Content-Range field, HTTP Response message, 572
Content-Type field, HTTP Response message, 573
control connection
FTP, 578, 579-80
L2TP/IPSec, 662-63
PPTP, 658-60
Control field
frame relay encapsulation, 50
IEEE 802.2 LLC header, 10
LCP compression option, 85
PPP encapsulation, 39-40
control messages, 590
Convergence sublayer (CS), 57
Copper Data Distributed Interface (CDDI), 24
Copy field, IP options, 136
country-based domain names, 411
C/R (Command/Response) field, Frame Relay Address field, 52
CRC field, AAL5 frame, 58
Create-Job IPP operation, 507
CRL (certificate revocation list), 644
cross post, 590
CS (Convergence sublayer), 57
cumulative TCP acknowledgments, 335
cwind (congestion window). See congestion window
D
data circuit-terminating equipment (DCE), 45-47
DATA command, 605-6
data compression, 657
data confidentiality, 612
data connection, 578-80
data encapsulation
L2TP/IPSec, 661-62
PPTP, 658
data encryption, 657
Data Encryption Standard (DES) algorithm, 613, 657
Data field, LCP frame, 83
data flow. See TCP data flow
data integrity, 612
Data Link Connection Identifier (DLCI), 76
Data Link Layer
LAN encapsulations, 3-4
WAN encapsulations, 35-36
X.25 protocol, 46
Data Offset field, TCP header, 288
data origin authentication, 612
data structures, FTP, 581-82
data terminal equipment (DTE), 45-47
Data Transfer Process (DTP), 578
data types
FTP, 582-83
TCP, 337-38, 340-42
database entries, WINS, 465
datagram packet-switching technology, 115
datagram protocol, 114
datagram service, 453
Date field, HTTP message, 573
DCE (data circuit-terminating equipment), 45-47
dead gateway detection, 360-61
decimal subnetting method, 158, 163-65
decimal to binary conversion, 149
DE (Discard Eligibility), 52
default routes, 189-91
DefaultRegistrationTTL registry setting, 430
DefaultTTL registry setting, 124
defending node, 74-75
deflate coding method, 575
delayed TCP acknowledgments, 334
delegation of domains, 424-25
DELETE method, 560
Delete payload, ISAKMP messages, 635
delimitation
LAN encapsulation, 3
WAN encapsulation, 35
demultiplexing
TCP connection data, 291
UDP messages, 283-84
denial-of-service SYN attack, 317-19
DES (Data Encryption Standard) algorithm, 613, 657
Destination Address field
Ethernet II frame, 5
FDDI frame, 25
IEEE 802.3 frame, 10
IEEE 802.5 frame, 18
IP header, 126
Destination field, IP routing table, 187
destination host receiving process, 199-200
Destination Host Unknown message, 217
Destination Network Unknown message, 217
Destination Port field
TCP header, 287, 311-12, 314
UDP header, 280
Destination Unreachable message, 215-19
code values for, 216-17
Network Monitor example, 217-19
PMTU Discovery support, 219-22
structure and fields, 215-16
Destination Unreachable-Fragmentation Needed message, 219-22
DF (Don't Fragment) flag, 128
ICMP message, 216
setting with Ping, 133-34
Dfs operations, 498
DHCP (Dynamic Host Configuration Protocol), 375-407
APIPA facility, 380-81
benefits of using, 375
BOOTP support, 382
clients and servers, 376
DNS integration, 381
how it works, 382-87
IPv4 configuration through, 266
key terms, 376-82
leases, 379, 382-84
MADCAP as extension of, 245
messages, 378-79, 387-402
options, 376-8, 403-7
overview of, 376
relay agents, 379-80, 385
reservations, 379
Routing and Remote Access integration, 381
scopes, 376-77, 382
subnets, 384-85
unauthorized server detection, 380, 386
updating DNS entries, 386-87
DHCP clients, 376
Client identifier option, 405
options requested by, 406
DHCP Message Type option, 405
DHCPACK message, 396
DHCPDECLINE message, 398
DHCPINFORM message, 402
DHCPOFFER message, 392
DHCPRELEASE message, 401
DHCPREQUEST message, 394
DHCP messages, 378-79
DHCPACK, 396-97
DHCPDECLINE, 397-99
DHCPDISCOVER, 389-91
DHCPINFORM, 402
DHCPNAK, 399-400
DHCPOFFER, 391-93
DHCPRELEASE, 401-2
DHCPREQUEST, 393-95
fields and descriptions, 388-89
format of, 387-88
options present in all, 404-5
overview of, 378-79
DHCP options, 376-77, 403-7
explained, 403
formats, 403-4
levels for managing, 377
options classes, 377-78
present in all DHCP messages, 404-5
requested by DHCP clients, 406
vendor-specific, 406-7
Windows Server 2003 support, 404-7
DHCP Server IP Address field, 389
DHCP servers, 376
changing subnets and, 384-85
detection of unauthorized, 380, 386
Server Identifier option, 405
DHCPACK message, 379, 396-97
DHCPDECLINE message, 379, 397-99
DHCPDISCOVER message, 378, 389-91
DHCPINFORM message, 379, 402
DHCPNAK message, 379, 399-400
DHCPOFFER message, 378, 391-93
DHCPRELEASE message, 379, 401-2
DHCPREQUEST message, 379, 393-95
dialects, SMB, 495
Diffie-Hellman key exchange process, 614
direct deliveries, 183-84
directly attached network routes, 191
directory management requests, 498
DisableDynamicUpdate registry setting, 431
DisableIPSourceRouting registry setting, 143-44
DisableUserTOSSetting registry setting, 122
Discard Eligibility (DE), 52
discovery process, PPPoE, 108-9
Distance Vector Multicast Routing Protocol (DVMRP), 246
distributed file system operations, 499-500
DLCI (Data Link Connection Identifier), 76
DLCI field, Frame Relay Address field, 51
DNS (Domain Name System), 409-51
aliases, 433-35
client configuration, 430-31
components, 410
DHCP integration, 381
domain delegation, 424-25
domain names, 410-11
domain namespace, 410-11
dynamic updates, 414, 427, 435-36
explained, 410
extension mechanism, 428-29
forward queries, 417
forwarder servers, 425-26
inverse queries, 418
IPv6 support, 270, 427-28
key terms, 410-30
messages, 442-51
name queries, 278
name resolution, 431-33
name servers, 410
negative caching, 421
overview of, 410
query classes, 418
query operation, 414
resolver, 410, 418-21
resource records, 412-13, 439-42, 446-47
reverse queries, 417
round robin load balancing, 426-27
security, 429-30
slave servers, 426
top-level domains, 411-12
update operation, 386-87, 414, 427, 435-36
zones, 414-17, 421-24, 437-38
DNS Client Service, 418, 420-21
configuring client functions, 430-31
DNS messages, 442-51
header, 443-45
Name Query, 449
Name Query Response, 450
Name Update, 451
Name Update Response, 451
query message format, 443
question entries, 445-46
resource records, 446-47
Reverse Name Query, 450
types of, 443-49
update, 448-49
DNS resolver, 410, 418-19
resolver cache, 420-21
DNS Security (DNSSEC), 429-30
DNS servers, 425
forwarder, 425-26
slave, 426
dnsNode objects, 441
dnsZone objects, 441
DOI (domain of interpretation), 627
DOI Specific ID Data field, ISAKMP Identification payload, 636
domain of interpretation (DOI), 627
Domain of Interpretation field
ISAKMP Delete payload, 635
ISAKMP Notification payload, 634
ISAKMP SA payload, 628
Domain Name option, DHCPOFFER message, 392
Domain Name Server option, 406
DHCPOFFER message, 392
Domain Name System. See DNS (Domain Name System)
domain names, 410-11
domain namespace, 410-11
domains
delegation of, 424-25
top-level, 411-12
zones vs., 415
DoNotRoundRobinTypes registry setting, 426
dotted decimal notation, 155
double-colon notation, 268
DSAP field, IEEE 802.2 LLC header, 10
DTE (data terminal equipment), 45-47
DTP (Data Transfer Process), 578
duplicate address detection, 271
Duration/ID field, IEEE 802.11 frame, 30
DVMRP (Distance Vector Multicast Routing Protocol), 246
Dynamic DNS Update option, 405
Dynamic Host Configuration Protocol. See DHCP (Dynamic Host Configuration Protocol)
dynamic routing, 205-8
OSPF, 206-7
RIP, 205-6
Windows Server 2003 family and, 207-8
dynamic updates, 427, 435-36
DHCP and, 386-87
disabling, 430-31
E
EA (Extended Address) field, 51-52
EAP (Extensible Authentication Protocol), 96-100, 521
list of types, 98
MD5 CHAP type, 99-100
Request and Response messages, 97-98
Success and Failure messages, 97-98
TLS type, 99-100
EAP-MD5 CHAP authentication, 99-100
EAP-TLS authentication, 100
Echo message, 213-14, 218, 234
Echo Reply message, 214-15, 234
ECP (Encryption Control Protocol), 104
EDNS0 mechanism, 428-29
EDNSCacheTimeout registry setting, 429
EFCI (Explicit Forward Congestion Indication) field, 54
EFS (Extended Filename Server) protocol, 284, 291
EGPs (Exterior Gateway Protocols), 208
EHLO command, 606
e-mail (electronic mail), 602-4
embedded printing, 504
EnableAddrMaskReply registry setting, 234
EnableBcastArpReply registry setting, 68
EnableDeadGWDetect registry setting, 361
EnableICMPRedirect registry setting, 227
EnableMulticastForwarding registry setting, 261
EnablePMTUBHDetect registry setting, 222
EnablePMTUDiscovery registry setting, 222
Encapsulating Security Payload (ESP) header and trailer, 620-24
fields, 620-21
structure, 620
transport mode, 621-23
tunnel mode, 623
encapsulation
LAN, 3-4
WAN, 35-36
encryption algorithms, 613-14, 657
Encryption Control Protocol (ECP), 104
END character, SLIP, 36-37
End Delimiter field
FDDI frame, 26
IEEE 802.5 frame, 19
End option, DHCP messages, 405
End of Option List TCP option, 296
end-nodes, 455, 458
entities, 555, 558
header fields, 572-73
ephemeral ports, 283
Error indicator, 26
ERROR_PASSWD_EXPIRED message, 94, 96
errors
MS-CHAP authentication, 94
MS-CHAP v2 authentication, 96
ESC character, SLIP, 37
ESP header. See Encapsulating Security Payload (ESP) header
ESTABLISHED connection state, 329
ETag field, HTTP Response message, 571
Ethernet, 4-16
Ethernet II frame format, 5-9
fragmentation example, 129-31
historical development of, 4
IEEE 802.3 frame format, 9-11
IEEE 802.3 SNAP frame format, 12-14
interframe gap, 7
IP MTU, 115
maximum receive window size, 343-44
minimum frame size, 8-9
multicast IP mapping, 179-80
special bits on MAC addresses, 14-16
Ethernet II frame format, 5-9
header and trailer, 5-7
IEEE 802.3 frame vs., 11
illustrated, 5
interframe gap, 7
minimum frame size, 8-9
Network Monitor trace, 7
special bits on MAC addresses, 14-16
Ethernet interframe gap, 7
EtherType field, Ethernet II frame, 6
ETRN command, 607
Event-Timestamp attribute, 540
Exchange Type field, ISAKMP header, 626-27
exclusive oplocks, 500-501
Expect field, HTTP Request message, 568
Expires field, HTTP Response message, 573
expiry, 590
Explicit Forward Congestion Indication (EFCI) field, 54
EXPN command, 607
expressing IP addresses, 147-49
Extended Address (EA) field, 51-52
Extended Filename Server (EFS) protocol, 284, 291
Extensible Authentication Protocol. See EAP (Extensible Authentication Protocol)
Extensible Markup Language (XML), 554
extensions, DNS, 428-29
Exterior Gateway Protocols (EGPs), 208
F
Failure message, EAP, 97
fan out printing, 503-4
fast recovery algorithm, 372
fast retransmit behavior, 370-72
FCS field. See Frame Check Sequence (FCS) field
FDDI (Fiber Distributed Data Interface), 24-29
FDDI frame format, 24-26
FDDI SNAP frame format, 26-28
IP MTU, 115
multicast IP mapping, 179-80, 246
special bits on MAC addresses, 28-29
FDDI frame format, 24-26
header and trailer, 25-26
IEEE 802.2 LLC header, 26
illustrated, 24
FDDI SNAP frame format, 26-28
illustrated, 27
Network Monitor trace, 27-28
FECN (Forward Explicit Congestion Notification), 52
Federal Information Processing Standard (FIPS), 613
Fiber Distributed Data Interface. See FDDI (Fiber Distributed Data Interface)
file management requests, 498
file and printer sharing, 491-513
CIFS protocol, 492-501
IPP protocol, 501-13
overview of, 491
file structure, 582
File Transfer Protocol. See FTP (File Transfer Protocol)
filtering, ingress, 173
FIN flag, 293, 322-23
FIN WAIT-1 connection state, 329
FIN WAIT-2 connection state, 329
FIN-ACK segment, TCP connection termination, 322-25
FIPS (Federal Information Processing Standard), 613
First IP Address field, IP options
Internet Timestamp option, 145
Loose Source Route option, 142
Record Route option, 138
Strict Source Route option, 141
Flag field
frame relay encapsulation, 50
PPP encapsulation, 39
Flags field
DHCP messages, 389
DNS messages, 443, 444-45, 448-49
Internet Timestamp option, 145
IP header, 122-23
ISAKMP header, 627
MS-CHAP Response message, 93-94
MS-CHAP v2 Response message, 96
Name Query message, 449
Name Query Response message, 450
Name Update message, 451
NetBIOS Name Service message, 474-76
TCP header, 288, 292-93
flat routing infrastructure, 203-4, 266
flood fill, 590
flow control
TCP, 286
UDP, 278
Forward Explicit Congestion Notification (FECN), 52
forward queries, 417
forwarder servers, 425-26
forwarding process. See also IP forwarding
IP router, 197-99
multicast IP traffic, 247
sending host, 197
forward-path, 603-4
forward-path buffer, 603
FQDN (fully qualified domain name), 411
fragment blocks, 128
Fragment Offset field, IP header, 123, 128-29
fragmentation, 114, 127-36
avoiding, 133-36
example, 129-31
fields, 127-29
fragmenting fragments, 133
Ping utility and, 133-34
PMTU discovery and, 219-22
reassembly and, 131-32
translational bridging and, 134-36
Fragmentation Needed and DF Set ICMP message, 216
Frame Check Sequence (FCS) field
Ethernet II frame, 6-7
FDDI frame, 25
frame relay encapsulation, 50
IEEE 802.11 frame, 31
IEEE 802.3 frame, 10
IEEE 802.5 frame, 19
PPP encapsulation, 40
Frame Control field
FDDI frame, 25
IEEE 802.11 frame, 30-33
IEEE 802.5 frame, 18
Frame Copied indicator, 26
frame format, 4
Frame Padding field, ARP frame, 73
frame relay, 48-52
Address field, 51-52
encapsulation, 50-52
header and trailer fields, 50
IP MTU, 115
X.25 protocol comparison, 49
Frame Status field
FDDI frame, 26
IEEE 802.5 frame, 19
Framed-IP-Address attribute, 537
Framed-MTU attribute, 537
Framed-Protocol attribute, 537
From field, HTTP Request message, 568
FTP (File Transfer Protocol), 577-87
CIFS comparison, 492
commands, 578, 586
components, 579
connections, 579-81, 583-85
data structures, 581-82
data types, 582-83
key terms, 578
operation of, 579-81
overview of, 577-78
responses, 586-87
restart, 585-86
transfer modes, 585
full-duplex data flow, 285, 334
fully qualified domain name (FQDN), 411
Functional Address bit, Token Ring addresses, 23
functional addresses, 23
G
gateway, 554
Gateway IP Address field, DHCP messages, 389
General Format Indicator (GFI), 47
Generic Flow Control (GFC) field, 53-54
Generic Routing Encapsulation (GRE), 657-58
Generic Security Services (GSS), 640
generic TLDs, 411
GET method, 560
Get-Jobs IPP operation, 508
Get-Printer-Attributes IPP operation, 508
GetServByName() function, 283, 290
GFC (Generic Flow Control) field, 53-54
GFI (General Format Indicator), 47
global addresses, 267, 269
GlobalMaxTcpWindowSize registry setting, 345
GNU compression format, 575
gratuitous ARP, 73-76
address conflict exchange and, 75-76
ArpRetryCount registry setting, 74
IP address conflict detection, 74-75
GRE (Generic Routing Encapsulation), 657-58
group address, 244
Group Address field, IGMP messages, 251, 255
GROUP command, 593
Group Flag field, RDATA flags field, 481
Group Record field, IGMPv3 messages, 259
Group-Specific Query message, 254
GSS (Generic Security Services), 640
H
half-open TCP connections, 316-19
explained, 316-17
SYN attack, 317-19
Hardware Address Length field
ARP frame, 70
DHCP messages, 388
Hardware Address Type field, DHCP messages, 388
Hardware Type field, ARP frame, 69
hash algorithms, 613
Hash payload, ISAKMP messages, 636, 641, 645-46
hash-based message authentication code (HMAC), 612
HDLC (High-Level Data Link Control) protocol, 39
HEAD command, 593
HEAD method, 560
Header Checksum field, IP header, 125, 129
Header Error Check (HEC) field, 55
Header Length field, IP header, 118, 128
HELO command, 607
HELP command, 607
heuristic expiration, 577
hierarchical routing infrastructure, 203-4, 267
High-Level Data Link Control (HDLC) protocol, 39
HMAC (hash-based message authentication code), 612
HMAC MD5 hash algorithm, 613
HMAC SHA1 hash algorithm, 613
H-Node (Hybrid Node), 459
name registration, 467
name resolution, 461
hop count, 124
Hops field, DHCP messages, 388
host address resource record, 441
host bits, 158-61
Host field, HTTP Request message, 568
host group, 179, 244
host IDs, 149
rules for enumerating, 152
structure of, 150
Host Membership Query message, 250-51, 254, 257-58
Host Membership Report message, 249, 258-60
Host Name option, 404
DHCPDISCOVER message, 390
DHCPREQUEST message, 394
host routes, 188-90
Host Unreachable message, 216, 218-19
Host Unreachable for Type of Service message, 217
hosted printing, 503
hosts, 183
HOSTS.TXT file, 409
HTML (Hypertext Markup Language), 554
HTTP (Hypertext Transfer Protocol), 553-77
caching, 577
CIFS comparison, 492
content codings, 575
content negotiation, 575-77
header fields, 558, 566-74
key terms, 553-55
messages, 558-74
operation of, 555-57
overview of, 553
request message, 558-61, 567-70
response message, 561-66
status codes, 561-66
URIs, 557-58
HTTP messages, 558-74
headers, 558, 566-74
request, 558-61
response, 561-74
status codes, 561-66
types of, 558
HTTP request messages, 558-61
examples, 558-60
header fields, 567-70
methods, 560-61
HTTP response messages, 561-66
header fields, 570-71
status codes, 561-66
Hybrid Node. See H-Node (Hybrid Node)
Hypertext Markup Language (HTML), 554
Hypertext Transfer Protocol. See HTTP (Hypertext Transfer Protocol)
I
I/G (Individual/Group) bit, 14, 22, 247
IANA (Internet Assigned Numbers Authority), 282, 289, 380, 575
IAS (Internet Authentication Service), 516
ICANN (Internet Corporation for Assigned Names and Numbers), 411
ICMP (Internet Control Message Protocol), 211-42
Address Mask Request/Reply messages, 233-34
Destination Unreachable message, 215-19
Echo message, 213-14, 218
Echo Reply message, 214-15
message structure, 212
overview of, 211-12
Parameter Problem message, 231-32
Pathping utility and, 240-42
Ping utility and, 234-35
PMTU Discovery, 219-22
Redirect message, 224-27
Router Discovery messages, 227-30
Source Quench message, 223-24
Time Exceeded message, 230-31
Tracert utility and, 236-40
types, 213
ICMPv6 (ICMP version 6), 270-71
ICV (Integrity Check Value), 612
ID Type field, ISAKMP Identification payload, 636
Identification field, IP header, 122, 127
Identification payload, ISAKMP messages, 635-36, 641, 643, 645-46
Identifier field
CHAP messages, 91-92
EAP messages, 97-98, 100
ICMP messages, 214, 233-34
LCP frame, 83
MS-CHAP Response message, 93
MS-CHAP v2 Response message, 95
PAP messages, 89
RADIUS messages, 533
identity coding method, 575
IEEE 802.2 LLC header, 10-11, 20, 26, 31
IEEE 802.3 frame format, 9-11
Ethernet II frame vs., 11
header and trailer, 10
IEEE 802.2 LLC header, 10-11
illustrated, 9
special bits on MAC addresses, 14-16
IEEE 802.3 SNAP frame format, 12-14
ArpUseEtherSNAP registry setting, 14
header, 13
illustrated, 12
Network Monitor trace, 13
IEEE 802.5 frame format, 16-20
header and trailer, 17-19
IEEE 802.2 LLC header, 20
illustrated, 17
IEEE 802.5 SNAP frame format, 20-22
illustrated, 20
Network Monitor trace, 21
IEEE 802.11, 29-34
frame format, 29-33
SNAP frame format, 33
wireless node communications, 29
IEEE 802.11 frame format, 29-33
Frame Control Field, 31-33
header and footer, 30-31
IEEE 802.2 LLC header, 31
illustrated, 30
payload, 31
IEEE 802.11 SNAP frame format, 33
IETF (Internet Engineering Task Force), 248, 266, 410, 491, 516
If-Match field, HTTP Request message, 568
If-Modified-Since field, HTTP Request message, 568
If-None-Match field, HTTP Request message, 568
If-Range field, HTTP Request message, 569
If-Unmodified-Since field, HTTP Request message, 569
I/G (Individual/Group) bit. See Individual/Group (I/G) bit
IGMP (Internet Group Management Protocol), 243-64
addresses used in messages, 251, 255
Group-Specific Query message, 254
Host Membership Query message, 250-51, 254, 257-58
Host Membership Report message, 249, 258-60
IGMP, 262-63
IP multicast and, 243-48
Leave Group message, 253
message structure, 250-51, 254-55
multicast querier, 254
Network Monitor examples, 251-53, 255-56
proxy mode interfaces, 262-63
router mode interfaces, 261-64
Routing and Remote Access service and, 261-64
TCP/IP and, 260-61
Windows Server 2003 family and, 260-64
IGMP Version 1 (IGMPv1), 249-53
addresses used in messages, 251
Host Membership Query message, 250-51
Host Membership Report message, 249
message structure, 250-51
Network Monitor examples, 251-53
IGMP Version 2 (IGMPv2), 253-56
addresses used in messages, 255
Group-Specific Query message, 254
Leave Group message, 253
message structure, 254-55
multicast querier, 254
Network Monitor example, 255-56
IGMP Version 3 (IGMPv3), 256-60
Host Membership Query message, 257-58
Host Membership Report message, 258-60
IGMPLevel registry setting, 244
IGPs (Interior Gateway Protocols), 208
IHAVE command, 593
IIS. See Microsoft Internet Information Services (IIS)
IKE (Internet Key Exchange), 624
illegal IP addresses, 173
image data type, 582-83
IMAP (Internet Message Access Protocol), 602
in-addr.arpa domain, 417
InARP (inverse ARP), 76
incremental zone transfers, 423, 437-38
indirect deliveries, 183-84
Individual/Group (I/G) bit, 247
Ethernet addresses, 14
Token Ring addresses, 22
informed discard, 211
infrastructure, IP routing, 200-208
ingress filtering, 173
Initiator Cookie field, ISAKMP header, 625
initiator node IPSec, 615
Integrity Check Value (ICV), 612
interface, next-hop, 187
Interface field, IP routing table, 188
interface identifiers, 269
Interior Gateway Protocols (IGPs), 208
internal current article pointer, 589
International Organization for Standardization (ISO), 39, 411, 660
Internet. See also World Wide Web
domain namespace for, 411
multicast-enabled backbone of, 248
root servers for, 424
top-level domains used on, 412
Internet Assigned Numbers Authority (IANA), 282, 289, 380, 575
Internet Authentication Service (IAS), 516
Internet Control Message Protocol. See ICMP (Internet Control Message Protocol)
Internet Corporation for Assigned Names and Numbers (ICANN), 411
Internet Engineering Task Force (IETF), 248, 266, 410, 491, 516
Internet group, 455
Internet Group Management Protocol. See IGMP (Internet Group Management Protocol)
Internet Information Services (IIS). See Microsoft Internet Information Services (IIS)
Internet Key Exchange (IKE), 624
Internet Layer
ICMP Source Quench message, 223
IPSec security, 611
Internet Message Access Protocol (IMAP), 602
Internet printing, 501-13
embedded, 504
fan out, 503-4
hosted, 503
IPP operation, 502-4
IPP specifications, 505-13
overview of, 501
security, 513
Internet Printing Protocol. See IPP (Internet Printing Protocol)
Internet Protocol. See IP (Internet Protocol)
Internet Protocol Control Protocol. See IPCP (Internet Protocol Control Protocol)
Internet Protocol Security. See IPSec (Internet Protocol Security)
Internet protocols, 553-610
FTP, 577-87
HTTP, 553-77
NNTP, 588-602
SMTP, 602-10
Internet Security Association and Key Management Protocol (ISAKMP), 614
Internet service providers (ISPs), 248, 515, 588, 651
Internet Timestamp option, 144-46
fields, 145
setting with Ping, 146
internetworking protocol, 113
InterNIC, 172, 174
intranets
IP addresses and, 173-74
multicast-enabled, 247-48
inverse ARP (InARP), 76
inverse queries, 418
IP (Internet Protocol), 113-46
datagrams, 116-17
disadvantages, 265-66
fragmentation, 127-36
header, 117-26
MTU, 115-16
options, 136-46
overview of, 113
services, 113-15
source routing, 140-44
version 6, 265-73
IP addresses, 147-81
APIPA and, 175-76
broadcast, 147, 176-78
CIDR and, 169-74
classes, 150-51
conflict detection, 74-75
enumerating ranges for, 162-65
expressing, 147-49
host IDs, 149-50, 152
illegal or overlapping, 173
intranets and, 173-74
IP header and, 149
multicast, 147, 178-81
network IDs, 149-50, 152, 156-57
next-hop, 63-64, 187-88
private, 173-74
public, 172-73
reserving for future use, 168
scaling problems, 169
spoofed, 317-18
subnetting process, 153-68
types of, 147
unicast, 147, 149-76
IP datagrams, 116-17
direct and indirect deliveries, 183-84
fragmentation example, 129-31
ICMP messages as, 212
reassembly example, 131-32
sending over ATM networks, 59-60
TCP segments sent as, 286
UDP messages sent as, 279
IP forwarding. See also IP routing
direct and indirect deliveries, 183-84
IP router process, 197-99
multicast IP traffic, 247
sending host process, 197
types of links, 184-86
IP header, 116, 117-26
Destination Address field, 126
Flags field, 122-23
Fragment Offset field, 123, 128-29
Header Checksum field, 125
Header Length field, 118
Identification field, 122
IP addresses in, 149
Network Monitor trace, 126
options and padding, 126
Protocol field, 124-25
Source Address field, 126
Time To Live field, 123-24
Total Length field, 122
Type Of Service field, 118-22
Version field, 117
IP Header + First 8 Bytes of Discarded Datagram field
ICMP Parameter Problem message, 232
ICMP Source Quench message, 224
ICMP Time Exceeded message, 231
IP Header + First 8 Bytes of Forwarded Datagram field, 226
IP Header + First 8 Bytes of Offending Datagram field, 215-16
IP MTU, 115
IP multicast traffic, 243-49
forwarding, 247
IGMP interfaces and, 261-64
Internet and, 248
intranets and, 247-48
overview of, 243
receiving, 246
router support, 246-47
sending, 245-46
TCP/IP protocol and, 260-61
IP options, 136-46
Copy field, 136
Internet Timestamp, 144-46
IP Router Alert, 144
Loose Source Route, 142-44
Option Class field, 136-37
Option Number field, 137-39
Strict Source Route, 140-42
IP payload, 117
IP Router Alert option, 144
IP router forwarding process, 197-99
IP routing, 183-209
autonomous systems, 208
broadcast links, 184-85
class-based vs. classless, 201-2
destination host receiving process, 199-200
determining routes, 189-90, 195-96
direct and indirect deliveries, 183-84
flat vs. hierarchical, 203-4
infrastructure overview, 200-208
IP router forwarding process, 197-99
non-broadcast multiple access links, 186
point-to-point links, 185
routing table, 187-96
sending host forwarding process, 197
single-path vs. multipath, 200-201
static vs. dynamic, 204-8
types of routes, 188-89
utilities, 208
Windows Server 2003 family and, 194-96, 204-5, 207-8
IP routing table, 187-96
for Windows Server 2003 family, 190-96
maintaining, 193-96
multihomed nodes, 192-93
route determination process, 189-90, 195-96
structure, 187-88
types of routes, 188-89
IP source routing, 140-44
Loose Source Route option, 142-44
Strict Source Route option, 140-42
IP6.ARPA domain, 270, 428
IPAutoconfigurationEnabled registry setting, 175-76
IPAutoconfigurationMask registry setting, 176
IPAutoconfigurationSubnet registry setting, 176
IPCP (Internet Protocol Control Protocol), 81
callback process, 101-2
options, 102
IP-in-IP tunneling, 248-49
IPP (Internet Printing Protocol), 491, 501-13. See also CIFS (Common Internet File System)
attributes, 505, 508-13
embedded printing, 504
fan out printing, 503-4
hosted printing, 503
how it works, 502-4
operations, 507-8
overview of, 501
request/response mechanisms, 506-7
RFC definitions, 502
security, 513
specifications, 505-13
IPSec (Internet Protocol Security), 611-50
Authentication header, 616-19
certificate authentication, 642-44
Encapsulating Security Payload header and trailer, 620-24
encryption algorithms, 613-14
hash algorithms, 613
Internet Key Exchange, 624
ISAKMP messages, 624-39
Kerberos authentication, 640-42
key management, 614, 640-45
Layer Two Tunneling Protocol with, 643, 652-54, 660-63
main mode negotiation, 639-45
NAT traversal, 648-49
overview of, 611
preshared key authentication, 644-45
properties for secure communications, 612-13
protection suite attributes, 640
quick mode negotiation, 646-47
retransmit behavior, 647-48
security associations, 614-15
IPSec security association, 615
IPv4 (Internet Protocol version 4), 265
compared to IPv6, 272
disadvantages of, 265-66
IPv6 (Internet Protocol version 6), 265-73
address syntax, 268
compared to IPv4, 272
core protocols, 270-72
DNS support, 270, 427-28
header, 270
host record, 441
improved features, 267
interface identifiers, 269
IP6.ARPA domain, 428
types of addresses, 268-69
ISAKMP (Internet Security Association and Key Management Protocol), 614
ISAKMP messages, 624-39
Certificate payload, 638
Certificate Request payload, 637
Delete payload, 635
fields, 625-27
format, 624-25
Hash payload, 636
header, 625-27
Identification payload, 635-36
Key Exchange payload, 632-33
Nonce payload, 632
Notification payload, 633-34
Proposal payload, 628-29
SA payload, 627-28
Signature payload, 638-39
Transform payload, 629-31
Vendor ID payload, 631-32
ISAKMP security association, 614-15
ISDN (Integrated Services Digital Network), 518
ISO (International Organization for Standardization), 39, 411, 660
ISPs (Internet service providers), 248, 515, 588, 651
iterative queries, 418
Last Updated: February 9, 2003