Home > TCP UDP Questions 2

TCP UDP Questions 2

July 30th, 2017 in ROUTE 300-101 Go to comments

Question 1

Explanation

Unlike TCP which uses the sequence numbers to rearrange the segments when they arrive out of order, UDP just passes the received datagrams to the next OSI layer (the Session Layer) in the order in which they arrived.

Question 2

Question 3

Explanation

In Asymmetric routing, a packet traverses from a source to a destination in one path and takes a different path when it returns to the source. This is commonly seen in Layer-3 routed networks.

Issues to Consider with Asymmetric Routing

Asymmetric routing is not a problem by itself, but will cause problems when Network Address Translation (NAT) or firewalls are used in the routed path. For example, in firewalls, state information is built when the packets flow from a higher security domain to a lower security domain. The firewall will be an exit point from one security domain to the other. If the return path passes through another firewall, the packet will not be allowed to traverse the firewall from the lower to higher security domain because the firewall in the return path will not have any state information. The state information exists in the first firewall.

Reference: http://www.cisco.com/web/services/news/ts_newsletter/tech/chalktalk/archives/200903.html

Specifically for TCP-based connections, disabling stateful TCP checks can help mitigate asymmetric routing. When TCP state checks are disabled, the ASA can allow packets in a TCP connection even if the ASA didn’t see the entire TCP 3-way handshake. This feature is called TCP State Bypass.

Reference: https://supportforums.cisco.com/document/55536/asa-asymmetric-routing-troubleshooting-and-mitigation

Note: The active/active firewall topology uses two firewalls that are both actively providing firewall services.

Question 4

Explanation

A device that sends UDP packets assumes that they reach the destination. There is no mechanism to alert senders that the packet has arrived -> Answer A is not correct.

UDP throughput is not impacted by latency because the sender does not have to wait for the ACK to be sent back -> Answer B is not correct.

UDP does not negotiate how the connection will work, UDP just transmits and hopes for the best -> D is not correct.

Therefore only answer C is left.

Question 5

Explanation

The command “show tcp brief numeric” displays a concise description of TCP connection endpoints.

Question 6

Question 7

Explanation

TCP starvation/UDP dominance likely occurs if TCP-based applications is assigned to the same service-provider class as UDP-based applications and the class experiences sustained congestion.

TFTP (run on UDP port 69) and SNMP (runs on UDP port 161/162) are two protocols which run on UDP so they can cause TCP starvation.

Note: SMTP runs on TCP port 25; HTTPS runs on TCP port 443; FTP runs on TCP port 20/21

 

Comments
  1. Mike
    October 25th, 2017

    Don’t agree with Q4. I think the correct is C

  2. Mike
    October 25th, 2017

    Sorry, I think the correct is B)

  3. Paco
    October 29th, 2017

    Question 4
    I agree with you, B is the correct one to me, C does not make any sense for UDP

  4. Corner
    November 20th, 2017

    Question 4. Correct answer is C.
    http://smutz.us/techtips/NetworkLatency.html

  5. salman
    March 10th, 2018

    Question 5, i tried the BGP practical following was the observation:-
    1) Using command ” Show tcp brief” :- i can see the same output as seen in the command “Show tcp brief numeric” also both shows the state field as “ESTAB”

    2) Using command ” Show tcp brief All” :- i can see both state field i. e. “ESTAB” as well as “LISTEN”

    In question its stating both field “ESTAB & LISTEN” so answer will be ” Show Tcp Brief All ”

    Please some one clarify or correct me

  6. Marcus
    March 14th, 2018

    I agree the answer C is most better in Q4, but I have a misunderstanding with it. The term ‘latency’ have a meaning between TWO events. But from the point of view of receiver there is only ONE event – recieving the packets. The receiver just gets these packets immediately by each other. The receiver doesn’t aware about the sending time. So, why it should hold the data in the buffer? It should just pass the received datagrams to the next OSI layer, as explained above in Q1. Isn’t it?

  7. Marcus
    March 14th, 2018

    I agree with @salman about Q5. The most better answer is B (show tcp brief all).

  8. EAGLE_EYE
    March 20th, 2018

    Hi All,

    Q5.. What show command is used here?

    TCB Local Address Foreign Address (state)
    6523A4FC 10.1.25.3.11000 10.1.25.3.23 ESTAB
    65239A84 10.1.25.3.23 10.1.25.3.11000 ESTAB
    653FCBBC *.1723 *.* LISTEN

    A. show tcp brief
    B. show tcp brief all
    C. show tcp brief numeric
    D. show tcp brief ip

    I’ve used real equipment and many simulators and the commands
    sh tcp brief ip & sh tcp brief numeric don’t show up as an option.
    I’ve also checked the | section part also with nothing.

    @Digitaltut Can you please update this question if incorrect?

  9. Marcus
    April 4th, 2018

    It turns out, Q5 is a tricky question. The documentation says “Without this keyword [all], endpoints in the LISTEN state are NOT shown.” But we can see the LISTEN state in the output of “show tcp brief numeric” command (without “all”) below. May be because there is no endpoints. Anyway, this question was made to confuse us, but now I think C is correct. Thanks to Rukia24.

  1. No trackbacks yet.