Understanding TCP/IP

Understanding TCP/IP

Congratulations to our October Reader Challenge winners. Tammy Carlyle of Goddard, Kansas, wins first prize, a copy of "Admin911: Windows 2000 Registry." Second prize, a copy of "Windows 2000: The Complete Reference" goes to Chris Wong of Philadelphia, Pennsylvania.

The Problem:

If you have a Windows 2000 network, you're immersed in TCP/IP, which constitutes a big change for many network administrators who had previously worked with Windows NT networks. Troubleshooting Win2K network connectivity problems is difficult if you don't have at least a basic understanding of TCP/IP. Can you answer these questions?

Question 1: Which of the following is not a core protocol of TCP/IP?

A. Address Resolution Protocol (ARP)

B. Internet Control Message Protocol (ICMP)

C. IPSecurity (IPSec)

Question 2: Which utility would you use to determine whether communications between your computer and other computers on the network are secure?

A. Ipsecmon.exe

B. Nbtstat.exe

C. Pathping.exe

Question 3: What does the LMHOSTS file do?

A. It maps NetBIOS names to IP addresses

B. It maps IP addresses to NetBIOS names

C. It maps IP addresses to MAC addresses


Question 1: The correct answer is choice C, IPSec. IPSec provides security at the packet processing layer of network communication, making it a core protocol of TCP/IP. (Before IPSec, security functions worked at the application layer.)

ARP maps an IP address to a physical machine address that's recognized in the local network. The physical machine address is also known as a Media Access Control (MAC) address.

ICMP is a message control (and error-reporting) function that operates between a host and an Internet gateway.

Question 2: The correct answer is choice A, Ipsecmon.exe, which you can launch by entering


in the Run dialog. This GUI tool lets you test whether an IPSec security association has been established.

Nbtstat.exe is a diagnostic command-line tool that displays the current TCP/IP connections that are using NetBT (NetBIOS over TCP/IP).

Pathping.exe is a route-tracing tool that combines some of the features of Ping and Tracert (and displays information that neither of those commands provides). Pathping works by sending packets to each router on the way to a final destination (the target destination in the command you enter), and displays the results of each hop. Pathping provides a way to determine which routers or links might be interfering with network communications.

Question 3: The correct answer is choice A. The LMHOSTS file maps NetBIOS names to IP addresses.

Choice B describes what we usually call a reverse lookup, which DNS handles by using the PTR record in the DNS database. The PTR record lets DNS satisfy queries when the IP address is known but the name isn't (by definition, a reverse lookup).

Choice C, mapping IP addresses to MAC addresses, is something that ARP does.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.