Networking & Protocols
IP packets: multiple-choice review
Six questions that cut across the whole unit. Each one mirrors a call you make in a real incident — a packet that dies somewhere, a connection that stalls only on large payloads, a prefix that goes dark from one AS — not a field to recite, but a behaviour to reason about.
Confirm you can connect header semantics, longest-prefix forwarding, MTU and PMTUD, NAT traversal, and the IP-layer security model — the synthesis the individual lessons built toward.
A monitoring tool reports that an IPv4 router recomputes the header checksum on every packet it forwards, but the equivalent IPv6 router does not. Why the difference, and what does IPv6 rely on instead?
A router's FIB holds both 10.0.0.0/8 via eth0 and 10.4.0.0/16 via eth1. A packet arrives for 10.4.2.9. Which path wins and what principle decides it?
A service behind a WireGuard VPN works for small requests but file uploads hang forever with no error. tcpdump shows the client retransmitting the same large segment about once a second. Root cause and most robust fix?
A WebRTC feature fails for some users on a mobile carrier and falls back to a relay. The carrier uses CGNAT. Why does CGNAT make direct peer connection harder, and what is the principled long-term fix?
Your site is reachable from your office but a customer on one ISP times out completely. A looking-glass query inside that ISP shows your prefix as RPKI 'invalid'. What most likely happened and what do you do first?
An attacker sends small spoofed UDP queries to open resolvers with your server's IP as the source, and your link drowns under multi-gigabit responses you never asked for. Which single defence, applied at the attacker's network, stops the attack at its origin?
The through-line across the unit is one packet’s life: the header carries TTL, protocol, and addresses (IPv6 dropping the per-hop checksum); routers forward by longest-prefix match in a hardware FIB that BGP keeps globally consistent; MTU mismatches must fragment or shrink, and a blocked ICMP turns that into a silent PMTUD black hole; NAT and CGNAT trade address-exhaustion relief for broken end-to-end reachability that STUN/TURN/ICE and ultimately IPv6 work around; and because IP authenticates neither source nor route, BCP 38, uRPF, and RPKI — all needing operator cooperation — are the defences. Every failure mode resolves back to those same mechanics.
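The forwarding and source-validation mechanics named above, as an added example that is not part of the original page: it runs longest-prefix match over the two routes from the FIB question and applies a strict uRPF check before forwarding. The default route via eth2, the function names, and the sample addresses are assumptions made for this sketch.

```python
import ipaddress

# Constructed FIB: the two routes from the forwarding question, plus a
# default route via eth2 (an assumption added for this example).
FIB = [
    (ipaddress.ip_network("10.0.0.0/8"), "eth0"),
    (ipaddress.ip_network("10.4.0.0/16"), "eth1"),
    (ipaddress.ip_network("0.0.0.0/0"), "eth2"),
]


def lookup(fib, addr):
    """Longest-prefix match: return (network, interface), or None."""
    ip = ipaddress.ip_address(addr)
    matches = [(net, ifc) for net, ifc in fib if ip in net]
    if not matches:
        return None
    # Of all covering prefixes, the most specific (longest mask) wins.
    return max(matches, key=lambda m: m[0].prefixlen)


def urpf_strict(fib, src, in_ifc):
    """Strict uRPF: the best route back to src must use the ingress interface."""
    best = lookup(fib, src)
    return best is not None and best[1] == in_ifc


def forward(fib, src, dst, in_ifc):
    """Return the egress interface, or None when the packet is dropped."""
    if not urpf_strict(fib, src, in_ifc):
        return None  # source address not plausible on this interface
    route = lookup(fib, dst)
    return route[1] if route else None


if __name__ == "__main__":
    # Legitimate host on eth1 sending into the rest of 10.0.0.0/8.
    print(forward(FIB, "10.4.2.9", "10.9.0.1", "eth1"))
    # Same ingress interface, source address claimed from elsewhere.
    print(forward(FIB, "203.0.113.7", "10.9.0.1", "eth1"))
```

Strict mode assumes symmetric routing; on multihomed or asymmetric paths it drops legitimate traffic, which is why operators often use loose or feasible-path uRPF there.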