+44 (0)1737 821590
Advanced TCP/IP  |    A 5 day   hands on   training course

Advanced TCP/IP training course description

An intensive advanced TCP/IP course focusing on the details of the protocols according to the RFCs. This course is designed to go into the technical details of the protocols and is not for those that are new to TCP/IP. A particular focus is on TCP and performance. Those more interested in routing protocols should see our Definitive IP routing for engineers course. It is expected that delegates are totally familiar with configuration addressing. Hands on sessions consist of protocol analysis using Wireshark.

What will you learn
  • Analyse packets and protocols in detail.
  • Troubleshoot networks using Wireshark.
  • Find performance problems using Wireshark.
  • Perform network forensics.
Advanced TCP/IP training course details

Advanced TCP/IP training course contents

  • IP
  • Fragmentation and MTU issues, Path MTU discovery, Geolocation, unusual IP addresses, forwarding broadcasts, DiffServ, DSCP, ECN, assured and expedited forwarding. TTL usage in traceroute, Protocol field. Sanitising IP addresses in trace files. Wireshark and checksum errors.

  • IPv6
  • The header. Extension headers. Traffic class and flow labels. Tunnelling. IPv6 and fragmentation.

  • ARP
  • Requests, responses, gratuitous ARP, Proxy ARP, ARP poisoning.

  • ICMP
  • ping, Round Trip Times, ICMP redirect, ICMP router advertisement and solicitation, Time Exceeded, Destination unreachable. ICMPv6: Similarity to ICMPv4, Neighbor discovery and the replacement of ARP. MLD.

  • First hop redundancy
  • ICMP discovery, HSRP, VRRP, GLBP.

  • IGMP
  • Multicast overview, multicast architecture, multicast addresses, IGMP v1, IGMPv2, IGMPv3.

  • UDP
  • Use in broadcasts and multicasts. Port numbers.

  • TCP
  • Connections, RST, FIN, sequence numbering, packet loss recovery, Fast recovery, RTO timeout, SACK, TCP flow control, receive window, congestion window, van Jacobsen, nagle, delayed ACKs, PSH, URG, TCP options, MSS, Window scaling, TCP timestamps. Congestion notification.
    Hands on Troubleshooting with sequence numbers, Wireshark IO and TCP graphs to analyse performance. Window size issues.

  • DHCP
  • DHCP header. Relationship to BOOTP. Discover, offer, request, decline, ACK, release. Lease, renewal and rebind times. Relay agents. DHCPv6

  • DNS
  • Names and addresses, Resource Records, queries, responses, problems. MDNS.

  • HTTP
  • Requests, methods, request modifiers, response codes. HTTPS. SSL, TLS. Proxies.
    Hands on Redirects, recreating pages from packets.

  • FTP
  • Commands, responses, passive/active mode.

  • Email
  • SMTP, POP3, IMAP, commands responses.

  • Voice and Video
  • RTP, RTCP, SIP. IP PBXs. Traffic flows.
    Hands on Voice playback.

  • SNMP
  • MIBs, GET, TRAP, polling.

  • Performance
  • Baselining, high latency, Wireshark and timings, packet loss, redirections, small packets, congestion, name resolution.

  • Security
  • Network forensics, scanning and discovery, suspect traffic. IPsec, SSH.

Learning path



Based on customer ratings

P. B. - CGG Veritas

"Very good instruction. Kept classes interesting and fun."

T. B. - BAE Systems

"The course gave the required amount of information and was very well presented."

Training approach

This structured training course seeks to build upon workbook learning through the use of group exercises, dynamic discussion and individual tasks in order to deliver an engaging and interactive module that will ensure all candidates are able to transfer their new skills into the workplace.