At every exam you will get a copy of this file. Information you may need that you are not expected to memorize is given. Much of this information you do not need. If the exam is not the final: this file contains material you have not seen yet. I use one file for all exams. Frame Types in Ethernet (Ether Types) (in hexadecimal): IPv4 0800 IPv6 86DD ARP 0806 RARP 8035 Protocol Identifiers in IPv4: ICMP 1 IGMP 2 IPv4 4 (tunneling IPv4 over IPv4) TCP 6 EGP 8 UDP 17 IPv6 41 (tunneling IPv6 over IPv4) RSVP 46 OSPFIGP 89 ISIS 124 (Fairly new: ISIS used to be ``directly over Link Layer'') SCTP 132 Next Header identifiers in IPv6: The ``next header identifier'' in IPv6 points either at an extension header (see below) or at a ``next protocol'', e.g. IPv4, IPv6, TCP, UDP, etc.. In the latter case, the ``extension header'' has the format of the protocol header in question (with the exception of of Protocols 1 and 2), and the same identifier as under IPv4. Under IPv6 there is a new protocol ICMPv6 which combines functionalities of ICMP and IGMP. Forouzan says it has ``next header identifier'' 2 (?), I think it is 58, see the iana database. Not sure! The ``next protocol'' always is the last in the sequence of ``next headers''. It's header has the format as you learned it. It is followed by ``its'' options and then ``its'' data. Next Header - Next protocol (as above): IPv4 4 (tunneling IPv4 over IPv6) TCP 6 UDP 17 IPv6 41 (tunneling IPv6 over IPv6) Next Header - Extension Header: ICMPv6 2 (includes IGMP functionality) (I think this is wrong, must be 58) Null: 59 (No next header) Hop-by-hop Option: 0 Source Routing: 43 Fragmentation: 44 IPv6-ICMP 58 (See IANA) Authentication: 51 Version numbers: IPv4 4 IPv6 6 In an ICMP Echo-request, the type is 8 and the code is 0. In an ICMP Echo-response, the type is 0 and the code is 0. In an ICMP Time-exceeded error reporting message, the type is 11. In this message, the code is 0 if a router reports that the TTL decreased to zero. The code is 1 if a (destination) host reports that some but not all fragments arrived, and the packet timed out. IP Options: You must know the EoO Option and the No-Op Option. The Record-Route Option has code 7, Length and Pointer as needed. The Strict Source Route Option has code 137, Length and Pointer as needed. (Be sure to understand strict source route as done in class!). The Loose Source Route Option has code 131, Length and Pointer as needed. The Time Stamp Option has code 68, Length and Pointer as needed, 4 Overflow bits, and 4 Flag bits. For Fragmentation: you must know which options are put in all fragments, which ones only in the first fragment. DLL MTU Hyperchannel 65535 FDDI 4352 Ethernet 1500 X.25 576 TCP Options: You must know the EoO Option and the No-Op Option. The Maximum Segment Size Option has Code 2, Length 4. The Window Scale Option has Code 3, Length 3. The SACK-Permitted Option has code 4, length 2. (In Syn and Syn-Ack). The SACK Option has code 5, length as needed (at least 10). (Later packets). The Time Stamp Option has code 8, length 10. Port Numbers UDP/TCP Protocol 7 UDP/TCP Echo 20 UDP/TCP FTP, Data (but we know it often is a high number) 21 UDP/TCP FTP, Control 22 UDP/TCP SSH 23 UDP/TCP TELNET 53 UDP/TCP Name Server (Domain Name Service) 80 UDP/TCP HTTP (``Web Traffic'') 443 UDP/TCP HTTPS (Secure HTTP) 111 UDP/TCP RPC 119 UDP/TCP NNTP (Network News Transfer Protocol) 123 UDP/TCP NTP (Network Time Protocol) 179 TCP BGP (Border Gateway Protocol) 520 UDP RIP While often TCP and UDP both are ``legal'', often only one makes sense. (e.g. FTP, TELNET, HTTP, NNTP all need the reliability of TCP.) Class A: 0.0.0.0/1 but 10.0.0.0/8 are for private addresses and 127.0.0.0/8 are loopback addresses Class B: 128.0.0.0/2 but 169.254.0.0/16 and 172.16.0.0/12 are for private addresses. Class C: 192.0.0.0/3 but 192.168.0.0/16 are for private addresses Class D: 224.0.0.0/4 (Multicast) class E: 240.0.0.0/4 (Experimental) An ethernet packet that carries (directly, no encapsulation in-between) an IP packet of which the destination address is an IP multicast address has as physical destination address one that starts with 1:0:5E: , and the 25-th bit always is zero.