Transcript TCP Ports
Hands-On Ethical
Hacking and Network
Defense
Chapter 2
TCP/IP Concepts Review
Last modified 3-27-16 - jw
Objectives
Describe the TCP/IP protocol stack
Explain the basic concepts of IP
addressing
Explain the binary, octal, and hexadecimal
numbering system
Overview of TCP/IP
Protocol
Common language used by computers for speaking
to each other.
Overview of TCP/IP
Transmission Control Protocol/Internet Protocol
(TCP/IP)
Most widely used open standard protocol
The first layered protocol model for internetwork
communications was created by the DoD
(Department of Defense) and DARPA (Defense
Advanced Research Project Agency) in the early
1970s and is often referred to as the DoD model.
It defines four categories of functions that must
occur for communications to be successful.
TCP/IP stack
Contains four
different layers
Application
Transport
Internet
Network
Overview of TCP/IP
Protocol Data Units and Encapsulation
The encapsulation process.
As application data is passed
down the protocol stack on its
way to be transmitted across the
network media, various protocols
add information to it at each
level.
The form that a piece of data
takes at any layer is called a
Protocol Data Unit (PDU).
During encapsulation, each
succeeding layer encapsulates
the PDU that it receives from the
layer above in accordance with
the protocol being used.
Protocol Data Units and Encapsulation
At each stage of the process, a
PDU has a different name to reflect
its new appearance.
Data - The general term for the
PDU used at the Application
layer
Segment - Transport Layer
PDU
Packet - Internetwork Layer
PDU
Frame - Network Access Layer
PDU
Bits - A PDU used when
physically transmitting data over
the medium
Protocol Data Units and Encapsulation
The Application Layer
Front end to the lower-layer protocols
What you can see and touch – closest to
the user at the keyboard
HTTP, FTP, SMTP, SNMP, SSH, IRC and
Telnet all operate in the Application Layer
The Transport Layer
Encapsulates data into segments
Segments can use TCP or UDP to reach a
destination host
TCP is a connection oriented protocol
UDP is a connectionless oriented protocol
TCP and UDP
Transmission Control Protocol
(TCP)
TCP is a connection-oriented
protocol, described in RFC 793.
TCP incurs additional overhead to
gain functions.
Additional functions specified by
TCP are the same order delivery,
reliable delivery, and flow control.
Each TCP segment has 20 bytes
of overhead in the header
encapsulating the Application
layer data,
Applications that use TCP are:
Web Browsers
E-mail
File Transfers
http://www.uic.rsu.ru/doc/inet/tc
p_stevens/tcp_tran.htm
TCP and UDP
User Datagram Protocol (UDP)
UDP is a connectionless protocol,
described in RFC 768.
It providing for low overhead data
delivery.
The pieces of communication in
UDP are called datagrams.
each UDP segment only has 8
bytes of overhead.
These datagrams are sent as
"best effort".
Applications that use UDP
include:
Domain Name System (DNS)
Video Streaming
Voice over IP (VoIP)
Purpose of the Transport Layer
The Transport layer provides for the
segmentation of data necessary to
reassemble these pieces into the various
communication streams.
Its primary responsibilities to accomplish
this are:
Tracking the individual
communication between applications
on the source and destination hosts
Segmenting data and managing each
piece
Reassembling the segments into
application data
Identifying the different applications
TCP Connection Establishment and Termination
When two hosts communicate using
TCP:
a connection is established
before data can be exchanged.
The host tracks each data
segment within a session and
exchanges information about what
data is received.
After the communication is
completed, the sessions are
closed and the connection is
terminated.
TCP Connection Establishment and Termination
To establish the connection, the hosts
perform a three-way handshake.
Establishes that the destination
device is present on the network
Verifies that the destination
device has an active service and
is accepting requests on the
destination port number that the
initiating client intends to use for
the session
Informs the destination device
that the source client intends to
establish a communication
session on that port number
TCP three-way handshake
Computer A
sends a SYN
packet
Computer B
replies with a
SYN-ACK packet
Computer A
replies with an
ACK packet
TCP Header Format
0
1
2
3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Source Port
|
Destination Port
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Sequence Number
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Acknowledgment Number
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data |
|U|A|P|R|S|F|
|
| Offset| Reserved |R|C|S|S|Y|I|
Window
|
|
|
|G|K|H|T|N|N|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Checksum
|
Urgent Pointer
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Options
|
Padding
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
data
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
http://freesoft.org/CIE/RFC/793/19.htm
TCP Segment Headers
Critical components:
TCP flags
Initial Sequence Number (ISN)
Source and destination port
Abused by hackers finding vulnerabilities
TCP Flags
Within the TCP segment header, there are
six 1-bit fields that contain control
information used to manage the TCP
processes.
Six flags
URG - Urgent pointer field significant
ACK - Acknowledgement field significant
PSH - Push function
RST - Reset the connection
SYN - Synchronize sequence numbers
FIN - Finish Flag - No more data from sender
Flag can be set to 0 (off) or 1 (on)
TCP Flags
Six flags mnemonic
Unskilled - URG
Attackers - ACK
Pester - PSH
Real - RST
Security - SYN
Folks – FIN
Knowledge of the flags is useful for
analyzing performance and port scanning
techniques.
Initial Sequence Number (ISN)
32-bit number
Tracks packets received
Enables reassembly of large packets
Sent on steps 1 and 2 of the TCP threeway handshake
By guessing ISN values, a hacker can hijack a
TCP session, gaining access to a server
without logging in
http://en.wikipedia.org/wiki/TCP_sequence_pre
diction_attack
Initial Sequence Number (ISN)
cont’d
The ISN represents the starting value for
the bytes that will be transmitted to the
receiving application.
As data is transmitted, the sequence
number is incremented by the number of
bytes that have been transmitted.
This enables each segment to be uniquely
identified and acknowledged.
Missing segments can be identified.
Port Addressing: Identifying the Conversations
The TCP and UDP based services keep track of the
various applications that are communicating. Both
TCP and UDP have header fields that can uniquely
identify these applications.
These unique identifiers are the port numbers.
In the header of each segment or datagram, there is a
source and destination port.
The source port number is the number for this
communication associated with the originating
application on the local host.
The destination port number is the number for this
communication associated with the destination
application on the remote host.
Port Addressing: Identifying the Conversations
Port numbers are
assigned in various ways,
depending on whether the
message is a request or a
response.
While server
processes have static
port numbers assigned
to them, clients
dynamically choose a
port number for each
conversation.
1028
Client
23
23
Server
1028
Client
Server
Notice the difference in how source and destination port numbers
are used with clients and servers:
Client (initiating Telnet service):
Destination Port = 23 (telnet)
Source Port = 1028 (dynamically assigned)
Server (responding to Telnet service):
Destination Port = 1028 (source port of client)
Source Port = 23 (telnet)
TCP Ports
Port
Logical, not physical, component of a TCP
connection
Identifies the service that is running
Example: HTTP uses port 80
A 16-bit number – 65,536 ports
Each TCP packet has a source and
destination port
The IANA assigns port numbers
Port numbers are assigned in
various ways, based on three
ranges:
System Ports (0-1023)
User Ports (1024-49151)
Dynamic and/or Private Ports (4915265535)
http://www.iana.org/assignments/se
rvice-names-port-numbers/servicenames-port-numbers.xhtml
The IANA assigns port numbers
Well Known Ports (Numbers 0 to
1023) - These numbers are
reserved for services and
applications.
HTTP
(web server) - 80
POP3/SMTP (e-mail server) – 110/25
Telnet – 23
The IANA assigns port numbers
Registered Ports (Numbers 1024 to
49151) - These port numbers are
assigned to user processes or
applications.
These
processes are primarily
individual applications that a user has
chosen to install.
When not used for a server resource,
these ports may also be used
dynamically selected by a client as its
source port.
The IANA assigns port numbers
Dynamic or Private Ports (Numbers
49152 to 65535) - Also known as
Ephemeral Ports, these are usually
assigned dynamically to client
applications when initiating a
connection.
It
is not very common for a client to
connect to a service using a Dynamic
or Private Port.
The IANA assigns port numbers
Using both TCP and UDP
Some
applications may use both TCP
and UDP.
For example, the low overhead of UDP
enables DNS to serve many client requests
very quickly.
Sometimes, however, sending the
requested information may require the
reliability of TCP.
Blocking Ports
Helps you stop or disable services that are not
needed
Open ports are an invitation for an attack
You can’t block all incoming and outgoing ports
That would stop all networking
Example - Incoming ports 25 and 80 are usually
open on a servers, so mail serves can receive
messages and serve Web pages
Port numbers and Applications
Knowing port numbers is essential to quickly
determining applications
TCP Ports (continued)
Ports 20 and 21
File Transfer Protocol (FTP)
Use for sharing files over the Internet
Requires a logon name and password
More secure than Trivial File Transfer
Protocol (TFTP) but FTP is still clear text
transmission
TCP Ports (continued)
Port 23
Telnet
Older TCP/IP protocol for text-based
communication
Used commonly to configure network devices
TCP Ports (continued)
Port 25
Simple Mail Transfer Protocol (SMTP)
E-mail servers listen on this port
TCP Ports (continued)
Port 53
Domain Name Service (DNS)
Helps users connect to Web sites using URLs
instead of IP addresses
TCP Ports (continued)
Port 69
Trivial File Transfer Protocol
Used for transferring configurations
TCP Ports (continued)
Port 80
Hypertext Transfer Protocol (HTTP)
Used when connecting to a Web server
Port 110
Post Office Protocol 3 (POP3)
Used for retrieving e-mail
TCP Ports (continued)
Port 119
Network News Transfer Protocol
For use with newsgroups
Port 123
The Network Time Protocol (NTP) is used to
synchronize the clocks of computer systems
data networks.
TCP Ports (continued)
Port 135
Remote Procedure Call (RPC)
Critical for the operation of Microsoft
Exchange Server and Active Directory
Port 139
NetBIOS
Used by Microsoft’s NetBIOS Session
Service
File and printer sharing
TCP Ports (continued)
Port 143
Internet Message Access Protocol 4 (IMAP4)
Used for retrieving e-mail
More features than POP3
Port 443
Hypertext Transfer Protocol Secure (HTTPS)
Used for secure communications to a Web
server
45
TCP Ports (continued)
Port 3389
Remote Desktop Protocol (RDP)
Proprietary protocol developed by Microsoft, which
provides a user with a graphical interface to
connect to another computer over a network
connection. The user employs RDPclient software
for this purpose, while the other computer must
run RDPserver software.
46
Demonstration
Use telnet to establish connections
Use netstat to see the connections
Port 23 (usually Telnet)
Port 25 SMTP (blocked on COD campus???)
Port 21 FTP (blocked on COD campus???)
Demonstration
Demonstration
Demonstration
Wireshark Packet Sniffer
TCP Handshake: SYN, SYN/ACK, ACK
TCP
Ports
TCP
Status
Flags
User Datagram Protocol
(UDP)
Fast but unreliable protocol
Operates on transport layer
Does not need to verify whether the
receiver is listening
Relies on higher layers of the TCP/IP stack
to handle reliability problems
Connectionless protocol
The Internet Layer
Responsible for routing packets to their
destination address
Uses a logical address, called an IP
address
IP addressing packet delivery is
connectionless
Internet Control Message
Protocol (ICMP)
Operates in the Internet layer of the
TCP/IP stack
Used to send messages related to network
operations
Helps in troubleshooting a network
Some commands include
Ping
Traceroute
ICMP Type Codes
Ping – A TCP/IP Application
PING (Packet Internet Groper) is a diagnostic
utility used to determine whether a computer is
properly connected to devices/Internet.
Traceroute – A TCP/IP Application
Traceroute is a program that is available on many
systems, and is similar to PING, except that
traceroute provides more information than PING.
Traceroute traces the path a packet takes to a
destination, and is used to debug routing problems.
For more information on Ping
Read the book: The
Story About Ping by
Marjorie Flack, Kurt
Wiese
See a Amazon.com
customer review on next
slide – very funny!
Review of Story of Ping on Amazon.com
8271 of 8518 people found the following review helpful:
Ping! I love that duck!, January 25, 2000
Reviewer: John E. Fracisco (El Segundo, CA USA)
Using deft allegory, the authors have provided an insightful and intuitive explanation of one of Unix's most
venerable networking utilities. Even more stunning is that they were clearly working with a very early beta
of the program, as their book first appeared in 1933, years (decades!) before the operating system and
network infrastructure were finalized.
The book describes networking in terms even a child could understand, choosing to anthropomorphize the
underlying packet structure. The ping packet is described as a duck, who, with other packets (more ducks),
spends a certain period of time on the host machine (the wise-eyed boat). At the same time each day (I
suspect this is scheduled under cron), the little packets (ducks) exit the host (boat) by way of a bridge (a
bridge). From the bridge, the packets travel onto the internet (here embodied by the Yangtze River).
The title character -- er, packet, is called Ping. Ping meanders around the river before being received by another
host (another boat). He spends a brief time on the other boat, but eventually returns to his original host
machine (the wise-eyed boat) somewhat the worse for wear.
If you need a good, high-level overview of the ping utility, this is the book. I can't recommend it for most
managers, as the technical aspects may be too overwhelming and the basic concepts too daunting.
Problems With This Book
As good as it is, The Story About Ping is not without its faults. There is no index, and though the ping(8) man
pages cover the command line options well enough, some review of them seems to be in order. Likewise, in
a book solely about Ping, I would have expected a more detailed overview of the ICMP packet structure.
But even with these problems, The Story About Ping has earned a place on my bookshelf, right between
Stevens' Advanced Programming in the Unix Environment, and my dog-eared copy of Dante's seminal
work on MS Windows, Inferno. Who can read that passage on the Windows API ("Obscure, profound it
was, and nebulous, So that by fixing on its depths my sight -- Nothing whatever I discerned therein."),
without shaking their head with deep understanding. But I digress. --This text refers to the School & Library
Binding edition.
Wireshark Capture of a PING
59
Overview of Numbering
Systems
Binary
Octal
Hexadecimal
60
Reviewing the Binary
Numbering System
Uses the number 2 as its base
Binary digits (bits): 0 and 1
Byte
Group of 8 bits
Can represent 28 = 256 different values
61
UNIX and Linux Permissions
UNIX and Linux File permissions are
represented with bits
0 means removing the permission
1 means granting the permission
111 (rwx) means all permissions apply
Examples of Determining
Binary Values
Each position represents a power of 2
value
Usually the bit on the right is the less
significant bit
Converting 1011 to decimal
1 x 20 = 1
1 x 21 = 2
0 x 22 = 0
1 x 23 = 8
1 + 2 + 8 = 11 (decimal value)
63
Understanding Nibbles
Half a byte or four bits
Helps with reading the number by
separating the byte
1111 1010
Components
High-order nibble (left side)
Low-order nibble (right side)
64
Understanding Nibbles
(continued)
Converting 1010 1010 to decimal
Low-order nibble
Multiply high-order nibble by 16
1010 = 10 (base 10)
1010 = 10 x 16 = 160 (base 10)
160 + 10 = 170 (base 10)
65
Reviewing the Octal
Numbering System
Uses 8 as its base
Supports digits from 0 to 7
Octal digits can be represented with three bits
Linux and Unix Permissions
Owner permissions (rwx)
R – Read
Group permissions (rwx)
Other permissions (rwx)
___
___
___
Owner
Group Everyone
W – Write
X – Execute
66
Reviewing the Octal
Numbering System
Example Permissions on Linux and UNIX
Owner permissions (rwx)
Group permissions (r-x)
Other permissions (--x)
Example: 111 101 001
Octal representation 751
Mac-mini:temp student$ ls -al test.txt
-rwxr-x--x@ 1 student staff 29 Oct 25 12:32 test.txt
Mac-mini:temp student$
67
Reviewing the Octal
Numbering System
Examples:
Mac-mini:temp student$ ls –al test*.txt
-rwxr-x--x 1 student staff 29 Oct 25 12:32 test.txt
-r-xr-x--- 1 student staff 29 Oct 25 12:32 test1.txt
-rwxr-xr-- 1 student staff 29 Oct 25 12:32 test2.txt
-rw-r--r-- 1 student staff 29 Oct 25 12:32 test3.txt
Mac-mini:temp student$
68
Reviewing the Hexadecimal
Numbering System
Uses 16 as its base
Support
numbers from 0 to 15
Hex number consists of two characters
Each
character represents a nibble
Value contains alphabetic letters (A … F)
A
representing 10 and F representing 15
Sometimes expressed with “0x” in front
69
Warriors of the Net
Network+ Movie
http://www.warriorsofthe.net/
IP Addressing
Consists of four bytes, like 172.16.122.204
Two components
Network address
Host address
Neither portion may be all 1s or all 0s
IP Addressing
Legacy Classes of IP Addresses
Class A
Class B
Class C
Class D
http://en.wikipedia.org/wiki/Classful_network
IP Addressing (continued)
Class A
First byte is reserved for network address
Last three bytes are for host address
Supports more than 16 million host computers
Limited number of Class A networks
Reserved for large corporations and
governments
Format: network.node.node.node
https://en.wikipedia.org/wiki/List_of_assigned_/8
_IPv4_address_blocks
IP Addressing (continued)
Class B
First two bytes are reserved for network
address
Last two bytes are for host address
Supports more than 65,000 host computers
Assigned to large corporations and Internet
Service Providers (ISPs)
Format: network.network.node.node
IP Addressing (continued)
Class C
First three bytes are reserved for network
address
Last byte is for host address
Supports up to 254 host computers
Usually available for small business and home
networks
Format: network.network.network.node
IP Addressing (continued)
Class D
Address reserved for Multicast Traffic (one-tomany communication)
Commonly used for multimedia content delivery
and routing protocols
Address Range: 224.0.0.0 to 239.255.255.255
IP Addressing (continued)
Subnetting
Class A uses a subnet mask of 255.0.0.0
Also called /8
Class B uses a subnet mask of 255.255.0.0
Each network can be assigned a subnet mask
Helps identify the network address bits from the host
address bits
Also called /16
Class C uses a subnet mask of 255.255.255.0
Also called /24
Planning IP Address
Assignments
Each network segment must have a
unique network address
Address cannot contain all 0s or all 1s
To access computers on other networks
Each computer needs IP address of gateway
Planning IP Address
Assignments
TCP/IP uses subnet mask to determine if
the destination computer is on the same
network or a different network
If destination is on a different network, it
relays packet to gateway
Gateway forwards packet to its next
destination (routing)
Packet eventually reaches destination
79
Public and Private Addresses
Public Addresses
The majority of the addresses are public
addresses.
These addresses are designed to be used in
the hosts that are publicly accessible from the
Internet.
Public and Private Addresses
Private addresses
There are private blocks of addresses for internal use.
10.0.0.0 to 10.255.255.255 (10.0.0.0 /8)
172.16.0.0 to 172.31.255.255 (172.16.0.0 /12)
192.168.0.0 to 192.168.255.255 (192.168.0.0 /16)
Hosts in different networks may use the same private
addresses.
The hosts in the private networks use IP addresses that are
unique within their networking environment.
The router or firewall device at the perimeter of these
private networks must block or translate these addresses.
Public and Private Addresses
Network Address Translation (NAT)
With services to translate private addresses to
public addresses, hosts on a privately addressed
network can have access to resources across the
Internet.
The NAT can be implemented at the edge of the
private network.
NAT allows the hosts in the network to "borrow" a
public address for communicating to outside
networks.
Special IPv4 Addresses
There are certain addresses that cannot
be assigned to hosts.
Loopback
Network
and Broadcast
Default Routes
There are special addresses that can be
assigned to hosts but with restrictions.
Special IPv4 Addresses
Loopback
The loopback address 127.0.0.1.
You can ping the loopback address to test
the configuration of TCP/IP on the local host.
This also cover all addresses in 127.0.0.0 to
127.255.255.255.
Special IPv4 Addresses
Network and Broadcast Addresses
Within each network the first (network)
address and last (broadcast) addresses
cannot be assigned to hosts.
Special IPv4 Addresses
Default Route
The default route as 0.0.0.0.
The default route is used when a specific
route is not available.
This also covers all addresses in the 0.0.0.0
- 0.255.255.255.
Special IPv4 Addresses
Link-Local Addresses (APIPA)
The address block 169.254.0.0 to
169.254.255.255 (169.254.0.0 /16) are
designated as link-local addresses.
These might be used in a small peer-to-peer
network or for a host that could not
automatically obtain an address from a
DHCP server.
A host must not send a packet with link-local
destination address to any router for
forwarding.
Special IPv4 Addresses
TEST-NET Addresses
The address block 192.0.2.0 to
192.0.2.255 (192.0.2.0 /24) is set aside
for teaching and learning purposes.
These addresses can be used in
documentation and network examples.
network devices will accept these
addresses in their configurations.
You may often find these addresses
used with the domain names
example.com or example.net in RFCs,
vendor, and protocol documentation.
Addresses within this block should not
appear on the Internet.
IPv4 In-Class Exercises
To the Internet
Good Network
Network:
192.168.1.0
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.102
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
Duplicate IP Address
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.101
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
IP Address Outside Subnet
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.2.102
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
Wrong Subnet Mask
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.130
192.168.1.103
255.255.255.0
255.255.255.128
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
Wrong Subnet Mask
Network:
192.168.1.0
To the Internet
IP Address
A
Subnet Mask
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.102
192.168.1.103
255.255.255.0
255.255.128.0
255.255.255.0
192.168.1.1
192.168.1.1
192.168.1.1
To the Internet
Wrong Default
Gateway
IP Address
A
Subnet Mask
Network:
192.168.1.0
Default Gateway
192.168.1.1
Hub
255.255.255.0
147.144.51.1
B
C
D
192.168.1.101
192.168.1.102
192.168.1.103
255.255.255.0
255.255.255.0
255.255.255.0
192.168.1.1
192.168.1.101
192.168.1.1
IPv6 Exercise
Site 1
2001:DB8:0001:0001::/64
2001:DB8:0001:0002::/64
ISP
2001:DB8:0001::/48
Site 2
Only
Announces
the /32 Prefix
2001:DB8::/32
2001:DB8:0002:0001::/64
IPv6 Internet
2001:DB8:0002:0002::/64
2000::/3
2001:DB8:0002::/48
What is wrong?
BREAK
IPv6 Next!