Table of Contents
To be successful with the network fundamentals section of the LPI exam candidates should possess a good working knowledge of Internet Protocol (IP) (version 4) networking. This includes understanding the concepts of address classes, subnets and private IP address ranges. It is also necessary to know port numbers for popular network services and common protocols like Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP). This section of the exam will also cover commands and configuration files associated with networking as well as utilities for troubleshooting connectivity.
Making connections to internet services requires knowing more than just an IP address. There is also a proper port number and protocol that must be used. Most end-users are blissfully unaware of this fact because the operating system takes care of the mundane details.
For Linux systems the /etc/services file is
responsible for translating a service name, like FTP or telnet, into port
numbers, like 21 or 23. An excerpt of /etc/services
is show below.
bash$ sed -n 43,51p /etc/services ftp 21/tcp ftp 21/udp fsp fspd ssh 22/tcp # SSH Remote Login Protocol ssh 22/udp # SSH Remote Login Protocol telnet 23/tcp telnet 23/udp # 24 - private mail system smtp 25/tcp mail smtp 25/udp mail
Some of the well-known port numbers that may appear on the exam are listed below. Take time to memorize this entire list.
20 - File Transfer Protocol (FTP) data
21 - File Transfer Protocol (FTP) control
23 - Telnet
25 - Simple Mail Transfer Protocol (SMTP)
53 - Domain Name Service (DNS)
80 - HyperText Transfer Protocol (HTTP)
110 - Post Office Protocol version 3 (POP3)
119 - Network News Transport Protocol (NNTP)
139 - NetBIOS Session Service
143 - Internet Message Access Protocol (IMAP)
161 - Simple Network Management Protocol (SNMP)
In addition to the ip address and port number that are needed to
make a connection to an internet service it is also necessary to use the
correct protocol. This is another detail that is transparent to the end
user, because it is handled by the operating system. Information about the
protocols used with IP are kept in the /etc/protocols
file. An excerpt is shown below.
bash$ sed -n -e 12,19p -e 30p /etc/protocols ip 0 IP # internet protocol, pseudo protocol number #hopopt 0 HOPOPT # hop-by-hop options for ipv6 icmp 1 ICMP # internet control message protocol igmp 2 IGMP # internet group management protocol ggp 3 GGP # gateway-gateway protocol ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'') st 5 ST # ST datagram mode tcp 6 TCP # transmission control protocol udp 17 UDP # user datagram protocol
Common protocols include TCP, UDP and ICMP. There are actually a
great number of protocols, but these three are the most prevalent. TCP is
used to handle the underlying data streams for web, email, news and almost
every other popular network application. That does not mean that UDP and
ICMP are not important however. While TCP is good at providing reliable,
error-free data UDP is used for applications where speed or simplicity is
more important than reliability. Applications like DNS lookups and SNMP
use the UDP protocol. ICMP is used for untilities such as
ping and traceroute. If you have
ever seen the destination host
unreachable message, this is ICMP in action.
Many modern networking environments use Dynamic Host Configuration Protocol (DHCP) to automatically set up the parameters needed to get computers connected to the network. However, a successful LPI candidate should understand how to manually configure Linux machines using the ifconfig and route commands. LPI exams generally ask straightforward questions, but it is not unusual to see a question asking about a common command-line option. Be prepared by practicing manual network configuration with ifconfig and route.
A network of computers is a complex system and many times things do not work as well as intended. A network administrator needs to understand basic troubleshooting techniques like pinging and tools like netstat. (more to come)
Given an IP address of 192.168.12.17 and a subnet mask of 255.255.255.0, what is the network portion of the address?
Given the CIDR address format of 172.16.10.1/24, what is the network mask in dotted-quad notation?
255.0.0.0
255.255.0.0
255.255.255.0
255.255.255.255
During a freak electrical storm both the primary and secondary DNS servers on your network were simultaneously struck by lightning and are no longer operational. In the absense of name servers which file can be used to do domain name to IP address lookups? (give the full path)
The loopback address, 127.0.0.1, is which class of IP address?
Class A
Class B
Class C
Class D
Your company's Internet connection is down and you have been called in to investigate. You would like to know if the fault lies with one of the routers on your LAN or if there is a problem with a router on your ISP's network. Which command would you use to quickly determine the location of problem?
An entry such as the following is found in which file? (give the complete path)
smtp 25/tcp # simple mail transport protocol
Several of your company's employees have asked for the ability to check their work email from home via the Internet. You have configured an IMAP daemon to accomodate them. On which port does IMAP communicate?
23
25
110
143
The DHCP server for your LAN has a failed power supply and it will take 24 hours for the new part to arrive. Which command can be used to manually configure IP addresses until the DHCP server can be repaired?
netstat
ipconfig
ifconfig
inetcfg
In an effort to maintain a well-documented network environment you want to do periodic checks of network activity on your server. Which command will let you view active network connections? (specify the command without any command-line options.)
The correct answer is 192.168.12.0.
Answer C is correct, /24 in CIDR notation means a 24-bit mask. Each octet in an IP address has 8 bits and the decimal equivalent of eight bits all set to 1 is 255. So answer A is equivalent to /8 in CIDR notation, answer B is the same as /16 and answer D is /32.
The correct answer is /etc/hosts.
The correct answer is Class A, any address with a first octet that is less than 128 is considered to be a Class A address.
The correct answer is traceroute. While you might be tempted to use ping, this would require you to ping each router individually and does not quickly determine where the problem is.
The correct answer is /etc/services.
The IMAP protocol uses port 143 so D is the correct answer. Ports 23, 25 and 110 are used for telnet, smtp and pop3, respectively.
Answer C, ifconfig is correct. netstat is used to view network connections, not configure interfaces. ipconfig and inetcfg are both commands used by other operating systems.
The correct answer is netstat.