github logo

networking cheat sheet

TOC

Ethernet Frame

Preamble

SFD

Dest. MAC

Source MAC

[VLAN]

EtherType

Payload

FCS

GAP

IPV4 Header

IP version

Header Length

DSCP

ECN

Total Length

Identification

Flags

Fragment Offset

TTL

Protocol

Header Checksum

Source address

Destination address

Options

IPv6 Header

Version

Traffic Class

Flow Label

Payload Length

Next header

TTL

Source Address

Destination address

TCP Header

Source port

Destination port

Sequence number

Acknowledgment number

Data offset

Reserved

Flags

Window size

Checksum

Urgent pointer

Options

UDP Header

Source Port

Destination port

Length

Checksum

tcpdump

flags

-i nameCapture named interfaces, any for all -c integerCapture amount of packages -DShow available interfaces -nDo not resolve host-names -nnDo not resolve host-names or services (ports) tcpCapture tcp udpCapture udp, also works with others such as arp host IPCapture data to or from this host only src IPCapture data from this host only dst IPCapture data sent to this host only net CIDRCapture data to or from this subnet port numberUse service name instead of port port not num|nameExclude port or service in report

tcp flags

[S] SYNC [.|A] ACKNOWLEDGE [R] RESET [F] FINISHED [P] PUSH Flags can be displayed combined, [S.] means sync and acknowledge

nmap

IPScan host LISTScan list CIDRScan subnet -iL fileScan targets from file -iR numberRandom hosts of amount --excludeExclude hosts -iL fileScan targets from file -sUUDP port scan -nNo DNS resolution -p-Scan ALL ports from 0 to 65353 -p n[-n]Scan port or range -p U:n,T:nScan mixed ports, UDP and TCP -FFast scan 100 ports -sVTry to detect service

mtr

IPRun route to host -zResolve ASN -c numRun num cycles -rReport mode, useful with -c -wDo not truncate network names aka wide mode -nNo RDNS -uuse UDP instead of ICMP -Tuse TCP instead of ICMP -f numset first TTL, useful for skipping own router -i floatset interval, default is 1 second

iptables

-vLShows rules hit counters -A chainAppend rule to chain -I chain numInsert rule to chain at position -s CIDRPackages from source -d CIDRPackages to destination -j targetApply target to rule -m extensionUse an extension to match packet -LList all rules, use -t for specific tables

chains

A chain defines a set of rules. They do not need either a source nor a destination. They can be applied to those later. OUTPUT - When a package is sent directly INPUT - When a package is received FORWARD - When a package is forwarded USER DEFINED - You can define a user defined chain and apply it to any source/destination.

Fibre cables color coding

 OM1/2 multi-mode  OM3 multi-mode  OM4 multi-mode  OM5 multi-mode  OS1/2 single-mode PC with a blue plug  OS1/2 single-mode APC with a green plug

SFP

SFP+

SFP 1 GbE SFP+ 10 GbE SFP28 25 GbE QSFP+ 40 GbE SFP56 50 GbE QSFP28 100 GbE QSFP56 200 GbE QSFP-DD 400 GbE

BGP Table path selection

Prefer the highest local-preference value.

Prefer the shortest AS-path length.

Prefer the lowest origin value.

Prefer the lowest MED value.

Prefer routes learned from an EBGP peer over an IBGP peer.

Prefer best exit from AS.

For EBGP-received routes, prefer the current active route.

Prefer routes from the peer with the lowest Router ID.

Prefer paths with the shortest cluster length.

Prefer routes from the peer with the lowest peer IP address.

source

Provided by tuxstash.de