113 - 238 CCNA 2: Routers and Routing Basics v3.1 Instructor Guide – Module 10
Copyright
©
2004, Cisco Systems, Inc.
3. The source host responds with a simple acknowledgement of y + 1 to indicate that it
received the previous ACK. This finalizes the connection process.
The three-way handshake is an important concept for the student to understand. A relevant TI
from CCNA 2 v2.1.4 is 9.1.6.
10.1.3 Denial of service attacks
Denial of service (DoS) attacks are designed to deny services to legitimate hosts that attempt
to establish connections. DoS attacks are commonly used by hackers to halt system
responses. One example is SYN flooding, which occurs during the three-way handshake
process. As a packet with the SYN bit set is sent, it includes its IP address and the destination
IP address. This information is then used by the destination host to send the SYN/ACK packet
back. In the DoS attack, the hacker initiates a synchronization but spoofs the source IP
address. The destination device responds to a non-existent, unreachable IP address and is
placed in a waiting state. This waiting state is placed in a holding area that uses memory.
Hackers flood the host with these false SYN requests to deplete all the connection and
memory resources of the host. To defend against these attacks, system administrators may
decrease the connection timeout period and increase the connection queue size. This is an
important concept for the students to understand to help prevent hackers from creating chaos
in a network.
10.1.4 Windowing and window size
Data is often too large to be sent in a single data segment. TCP breaks data into segments. A
good analogy is small children who cannot eat large pieces of food. Their food must be cut into
smaller pieces to be eaten. Another way to explain the advantages of this segmentation is to
ask the students to imagine a 200-MB file that needs to be transferred. Ask students the
following questions:
•
What if networking did not allow the file to be segmented?
•
How long would the other hosts on the network have to wait to get any network
access?
Even without an exact answer the students can see the inefficiency of streaming on all the
other hosts. Calculate the wait with the formula (200MB x 8bits/byte)/media speed.
After data is segmented, it must be transmitted to a destination device. Flow control regulates
how much data is sent during a transmission. The process of flow control is known as
windowing. Window size determines how much data can be transmitted at one time. The host
must receive an ACK before any more data can be sent. TCP uses sliding windows to
determine transmission size. This allows for negotiation of the window size to allow for more
than one byte to be sent. This allows for the destination device to tell the source to decrease
or increase the amount of data being sent. This is an important concept for the students to
understand. This helps the student understand the entire process of TCP and why it is
considered reliable and connection-oriented.