1.0 Networking Fundamentals
[1.1] Compare and contrast the Open Systems Interconnection (OSI) model layers and encapsulation concepts
OSI Model
Developed in 1977 by International Organization for Standardization (ISO). Useful in troubleshooting networks and serves as a reference model in networks. It categorizes functions of the network into layers and helps compare technologies across different manufacturers.
Please Do Not Throw Sausage Pizza Away --> LAYERS
Don't Some People Fear Birthdays? --> ENCAPSULATION (data types)
Layer             | Encapsulation unit (PDU)                | TCP/IP model layer
1 Physical        | Bits (1's and 0's)                      | Network Interface
2 Data Link       | Frame (MAC / Ethernet)                  | Network Interface
  (sublayers: Media Access Control, Logical Link Control)
3 Network         | Packet (IP)                             | Internet
4 Transport       | Segment (TCP) / Datagram (UDP) - Ports  | Transport
5 Session         | Data                                    | Application
6 Presentation    | Data (SSL / TLS)                        | Application
7 Application     | Data (the application's own format)     | Application
Layer 1 (Physical)
Transmission of bits across the network
Electrical voltage: 0 volts --> 0 | +/- 5 volts --> 1 OR 1 on change of state
Contains wiring standards for connectors and jacks
Asynchronous: Uses start and stop bits to indicate transmission
Synchronous: Uses a reference clock to coordinate the transmission
Broadband: Divides bandwidth into separate channels i.e. cable TV
Baseband: Uses all available frequency on a medium to transmit data and uses reference clock
Time-Division Multiplexing (TDM): Each session uses time slots to share the medium
Statistical TDM (StatTDM): More efficient TDM, dynamically allocates on as-needed basis
Frequency-Division Multiplexing (FDM): Medium is divided into various channels based on frequencies and each session is transmitted over a different channel i.e. broadband
Examples include ethernet, fiber optic, Wi-Fi, Bluetooth, hubs, access points, media converters
Layer 2 (Data Link)
Packages data into frames, transmits, performs error detection, MAC identification, flow control
Split into 2 sub layers, (1) MAC - hardware, (2) LLC - software
Media Access Control (MAC): 48 bit-address assigned to a network interface card (NIC)
First 24-bits is the vendor code, second 24-bits is a unique value
This sub layer determines logical topology and method of transmission
Logical Link Control (LLC): Interface between the network layer and MAC sublayer
Provides connection services, flow control, receipt of messages
Flow control - limits amount of data sender can send at one time
Error control - allows receiver to let sender know when something went wrong with frame
Examples include NICs, bridges, switches
Layer 3 (Network)
Forwards traffic (routing) with logical address (IPv4 or IPv6)
Logical addressing, switching, route discovery & selection, connection services...
Numerous routed (network-layer) protocols over time, e.g. AppleTalk, IPX, and Internet Protocol (IP); today IP is effectively the only one
Packet Switching: Data is divided into packets and forwarded
Circuit Switching: Dedicated communication link is established between 2 devices
Message Switching: Data is divided into messages and utilizes "store and forward"
Routers maintain routing tables to understand how to forward packets (routing protocols)
RIP
OSPF
EIGRP
Packet Reordering: Packets may travel over different links and routes and arrive out of order; the receiver (TCP at layer 4) puts them back in sequence
Internet Control Message Protocol (ICMP): Used to send error messages and operational information about an IP destination, used in troubleshooting e.g. ping and traceroute
Examples include routers, multilayer switches, IPv4/6 protocol, ICMP
Layer 4 (Transport)
Data is sent as segments, utilizes TCP/UDP, windowing, and buffering
Transmission Control Protocol (TCP): Reliable, connection-oriented protocol
Segment retransmission and flow control through windowing
Segment sequencing and acknowledgment
User Datagram Protocol (UDP): Unreliable, connectionless protocol (no handshake, no retransmission, no ordering)
Windowing: Lets the receiver tell the sender how much data it may send before waiting for an acknowledgment; the window grows or shrinks with network conditions
Buffering: Devices, such as routers, allocate memory to store segments if bandwidth isn't readily available, if buffer overflows, segments get dropped
Examples include TCP, UDP, WAN Accelerators, Load Balancers, Firewalls
Layer 5 (Session)
Session is like a conversation that must be kept separate from others to prevent intermingling
Setting up > user credentials, assign numbers, negotiate services and communication
Maintaining > transfer data, reestablish disconnected sessions, acknowledge receipts
Tearing down > End on mutual agreement or due to disconnection
Examples include H.323 (voice/video conn) and NetBIOS (used to share files over net)
Layer 6 (Presentation)
Responsible for formatting the data exchanged and securing with encryption
Functions, data formatting, encryption
Data formatting > ASCII, GIF, JPG, etc. - provides correct data structures and syntax
Encryption > Used to scramble the data in transit to provide confidentiality i.e. TLS
Examples include HTML, XML, PHP, JS, ASCII, EBCDIC, UNICODE, GIF, JPG, MPG, TLS, SSL...
Layer 7 (Application)
Provides application-level services (the protocols applications use to talk over the network, not end-user programs such as Word or Notepad)
Application Services: Unite communicating components from more than one network app
File transfers/sharing, e-mail, remote access, network management, client/server
Service Advertisement: Some apps send out announcements, states the services they offer
Some centrally register with Active Directory
Examples include printers and file servers
Examples include e-mail (POP3, IMAP, SMTP), web browsing (HTTP, HTTPS), domain name service (DNS), file transfer protocol (FTP, FTPS), remote access (TELNET, SSH), SNMP
TCP/IP Model
Application
DNS, BOOTP, DHCP, SMTP, POP, IMAP, FTP, TFTP, HTTP, etc.
Transport
UDP, TCP
Internet
IP, NAT, ICMP, OSPF, EIGRP
Network Access
ARP, PPP, Ethernet, Interface Drivers
Data Encapsulation and Decapsulation within the OSI Model Context
Encapsulation: The process of putting headers and trailers around data (7 --> 1)
Decapsulation: Action of removing the encapsulation applied (1 --> 7)
Protocol Data Unit (PDU): A unit of information transmitted among network entities
Ethernet header --> Internet Protocol (IP) header --> Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) header --> Data
TCP flags: Used to indicate a particular connection state or provide insight i.e.
Reserved, Nonce, Congestion Window Reduced, ECN-Echo ...
ACK: Acknowledges received data; set on every segment after the initial SYN of the handshake
PSH: Push the data to the application without buffering
RST: Reset the connection, used when receiving an unexpected packet
SYN: Synchronize sequence numbers with handshake
FIN: Last packet from the sender with handshake to tear down connection
URG: Like PSH flag but with urgent data to be immediately processed
MAC address: A physical address that is used to identify a network card on the LAN
EtherType Field: Used to indicate which protocol is encapsulated in the payload of the frame
Maximum transmission unit (MTU): The largest size frame or packet that can be transmitted across a data link
Fragmentation: The process of dividing packets into smaller pieces so the resulting pieces can travel across a link with a smaller MTU than the original packet size
Asynchronous Transfer Mode: Layer 2 (Data Link) core protocol that uses connection oriented networks for cell relay that support voice, video, and data communication
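The encapsulation order above (Ethernet header --> IP header --> TCP header --> data) and the TCP flag bits can be seen directly in the bytes. The following is an added example for these notes, not code from the original page: it builds one Ethernet II / IPv4 / TCP frame from constructed values (the MACs, IPs and ports are made up, checksums are left zero) and then decapsulates it layer by layer, decoding the EtherType, the IP protocol field, the DF/MF fragmentation bits and the TCP flags.

```python
"""Encapsulation (L7 -> L2) and decapsulation (L2 -> L4) of one Ethernet II / IPv4 / TCP frame.

Added example for these notes. All header values are constructed by hand (MACs, IPs and
ports are made up), and checksums are left as zero: this shows header structure and the
TCP flag bits, it is not a sending network stack.
"""
import struct

# TCP flag bits in the 8-bit flags byte (RFC 793 plus CWR/ECE from RFC 3168), high bit first
TCP_FLAG_BITS = {0x80: "CWR", 0x40: "ECE", 0x20: "URG", 0x10: "ACK",
                 0x08: "PSH", 0x04: "RST", 0x02: "SYN", 0x01: "FIN"}
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP", 47: "GRE", 50: "ESP", 51: "AH"}


def decode_tcp_flags(flags: int) -> list:
    """Names of the set TCP flags, e.g. 0x12 -> ['ACK', 'SYN'] (the SYN/ACK of a handshake)."""
    return [name for bit, name in TCP_FLAG_BITS.items() if flags & bit]


def encapsulate(payload: bytes, src_mac: str, dst_mac: str, src_ip: str, dst_ip: str,
                sport: int, dport: int, seq: int = 0, ack: int = 0, flags: int = 0,
                dont_fragment: bool = True) -> bytes:
    """Wrap application data in a TCP header, then an IPv4 header, then an Ethernet header."""
    # Layer 4: 20-byte TCP header, data offset 5 words, window 65535, checksum/urgent zero
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0) + payload
    # Layer 3: 20-byte IPv4 header; version 4 + IHL 5 = 0x45, total length covers IP + TCP + data
    frag_field = 0x4000 if dont_fragment else 0          # DF flag lives in bit 14
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, frag_field, 64, 6, 0,
                     bytes(int(o) for o in src_ip.split(".")),
                     bytes(int(o) for o in dst_ip.split(".")))
    # Layer 2: 14-byte Ethernet II header; EtherType 0x0800 says "IPv4 inside"
    eth = bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", "")) \
        + struct.pack("!H", 0x0800)
    return eth + ip + tcp


def decapsulate(frame: bytes) -> dict:
    """Peel the headers back off, layer by layer, the way a receiving host does."""
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": dst.hex(":"), "src_mac": src.hex(":"),
           "ethertype": ETHERTYPES.get(ethertype, hex(ethertype))}
    if ethertype != 0x0800:
        return out                                    # not IPv4: stop at layer 2
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                          # header length in bytes (options possible)
    total_len, _ident, frag_field, ttl, proto = struct.unpack("!HHHBB", ip[2:10])
    out.update({"src_ip": ".".join(str(b) for b in ip[12:16]),
                "dst_ip": ".".join(str(b) for b in ip[16:20]),
                "ttl": ttl, "protocol": IP_PROTOCOLS.get(proto, str(proto)),
                "dont_fragment": bool(frag_field & 0x4000),
                "more_fragments": bool(frag_field & 0x2000),
                "fragment_offset": (frag_field & 0x1FFF) * 8})   # stored in 8-byte units
    if proto != 6:
        return out                                    # not TCP: stop at layer 3
    tcp = ip[ihl:total_len]                           # total_len is measured from the IP header
    sport, dport, seq, ack = struct.unpack("!HHII", tcp[:12])
    data_offset = (tcp[12] >> 4) * 4                  # TCP header length in bytes
    out.update({"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
                "flags": decode_tcp_flags(tcp[13]), "payload": tcp[data_offset:]})
    return out


# Constructed samples: the first segment of a handshake to a web server, then a data segment
SYN_FRAME = encapsulate(b"", "66:77:88:99:aa:bb", "00:11:22:33:44:55",
                        "192.168.1.10", "10.0.0.5", 50000, 443, seq=1, flags=SYN)
DATA_FRAME = encapsulate(b"GET / HTTP/1.1\r\n", "66:77:88:99:aa:bb", "00:11:22:33:44:55",
                         "192.168.1.10", "10.0.0.5", 50000, 80, seq=2, ack=1001, flags=PSH | ACK)

if __name__ == "__main__":
    for frame in (SYN_FRAME, DATA_FRAME):
        print(decapsulate(frame))
```

A scanner's SYN, SYN/ACK and RST probes are just different values of that one flags byte, which is why firewalls and IDS rules match on it; note also that the parser trusts IHL, total length and data offset from the packet itself, so real code must bounds-check them before slicing.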
[1.2] Explain the characteristics of network topologies and network types
Physical Topology: How devices are connected by media
Logical Topology: How the actual traffic flows in the network
Mesh
Features multiple links to the same place - can be fully connected or partially connected
Redundancy, fault-tolerance, load balancing, very expensive to maintain and operate
Used in wide area networks (WANs) as fully or partially meshed topologies
Full-mesh has x number of connections where x = n (n-1) / 2
Star / Hub-and-Spoke
Hub-and-spoke is a network topology in which a central device is connected to multiple other devices > often used in WAN topologies
Star is a network topology where each individual piece of a network is attached to a central node such as a switch or router > often used in LAN topologies
Used in most large and small networks, most popular LAN topology
All devices are connected to a central device, if center fails, the entire network fails
In switched Ethernet networks, the switch is the device in the middle
Bus
Early local area networks used coaxial cables known as the bus
Each device connects into cable using either a T connector or vampire tap
Simple, but prone to errors - one break in the link could disable the entire network
Controller Area Network (CAN) bus used in many automobiles
Ring
Once common in LANs as token ring, which is no longer used
Still used in many Metro Area Networks (MANs) and Wide Area Networks (WANs)
Dual-ring designs give built-in fault tolerance, e.g. FDDI (fiber networks)
Hybrid
A combination of one or more physical topologies
Most networks are a hybrid
Wireless Network Topology
Infrastructure Mode
Most common type of wireless network
Requires centralized management
Uses a wireless access point as a centralized point like a star topology
Supports wireless security controls
Ad Hoc Mode
Decentralized wireless network
No routers or access points are required
Forwarding decisions for data on the network are made dynamically
Allows creation & joining of networks "on-the-fly"
Creates P2P connections
Wireless Mesh Topology
Interconnection of different types of nodes or devices
Consists of clients, routers, and gateways
Utilizes different radio frequencies to extend and expand access
Network Types and Characteristics
Peer to peer: All devices are both clients and servers
Advantages:
Easy to deploy
Low cost
Disadvantages:
Difficult to administer
Difficult to secure
Client-server: Clients talk directly to the server, no client-to-client communication
Advantages:
Performance
Administration
Disadvantages:
Cost
Complexity
Local Area Network (LAN): Local is relative, can be within a building or group of buildings
Generally has high-speed connectivity
Utilizes Ethernet (IEEE 802.3) and Wi-Fi networks (IEEE 802.11)
Metropolitan Area Network (MAN): A network across a city, larger than a LAN, but often smaller than a WAN
Historically MAN-specific topologies, moving toward "Metro Ethernet"
Common to see government ownership
Wide Area Network (WAN): Spanning the globe, generally connects LANs across a distance
Generally much slower than a LAN
Many different WAN technologies e.g. point-to-point, MPLS, etc.
Terrestrial (fiber) and non-terrestrial (satellite)
Wireless Local Area Network (WLAN): All devices communicate through an access point, utilizes 802.11 technologies
Enables mobility within a building, but is limited to a geographical area
Can expand coverage with additional access points across campus or wide area
Personal Area Network (PAN): A private network such as Bluetooth, IR, NFC
Can be used in automobiles for audio output or phone integration
Often used for mobile phone widget connections and wireless headsets
Health uses for workout telemetry and daily health reports
Campus Area Network (CAN): Middle ground between LAN and MAN, often for corporate or campus areas
Limited to geographical area or a group of buildings
LAN technologies such as fiber connection and high speed Ethernet
Fiber often run through the ground with no third-party provider
Storage Area Network (SAN): A specialized, high speed network that gives servers block-level access to storage devices (e.g. Fibre Channel, iSCSI)
Looks and feels like a local disk to the server, has block-level access
Very efficient reading and writing
Requires a lot of bandwidth, usually has a dedicated and isolated network
Network Attached Storage (NAS) --> Shared storage device accessed across the network at the file level (e.g. SMB or NFS shares) rather than as raw blocks
Software-defined Wide Area Network (SDWAN): Uses software-defined network technology, such as communicating over the Internet using encrypted overlay tunnels
The data center used to be in one place, but allows for the use of cloud based applications
Multiprotocol Label Switching (MPLS): Communication through the WAN that uses labels for routing and forwarding
Learning from ATM and Frame Relay - keeps the advantages while ditching disadvantages
Can handle any transport medium and any protocol
A common WAN technology i.e. "Ready-to-network"
Multipoint Generic Routing Encapsulation (mGRE): Tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an IP network
Used extensively for Dynamic Multipoint VPN (DMVPN)
VPN builds itself and has remote sites communicate to each other
Tunnels are built dynamically, on demand - often called a dynamic mesh
Service-Related Entry Point
Demarcation Point: The point where you connect with the outside world e.g. WAN provider, internet service provider; the demarc
Exist everywhere even in homes - placed in central locations, usually a network interface device and can be as simple as an RJ-45 connection
Smart-jack: Technically a "Network Interface Unit (NIU)", the provider-owned device that sits at the demarc; can be a NIU or telephone network interface
Has built-in diagnostics, loopback tests, configuration, alarm & status lights
Virtual Network Concepts
v-Switch: Virtual version of a physical switch - same functionality with forwarding options, link aggregation, port mirroring, and NetFlow
Virtual Network Interface Card (vNIC): Takes place of a network interface card, configured and connected through the hypervisor
Network Function Virtualization: The replacement of network appliance hardware with virtual machines
The virtual machines use a hypervisor to run networking software and processes such as routing and load balancing
Hypervisor: Known as a virtual machine monitor (VMM), it is software that creates and runs virtual machines; it allows one host computer to support multiple guest VMs by virtually sharing its resources, such as memory and processing
Provider Links
Satellite: A combination of nodes that provides communication from one point on the Earth to another i.e. non-terrestrial communication
High cost relative to terrestrial networking
Network speed: 50 Mbit/s download, 3 Mbit/s upload
Remote sites, difficult to network sites
High latency: 250 ms upload, 250 ms download
High frequencies - 2GHz
Digital Subscriber Line (DSL): <copper> Asymmetric Digital Subscriber Line (ADSL) uses telephone lines to provide connectivity
~10,000 foot limitation to central office (CO)
200 Mbit/s downstream, 20 Mbit/s upstream
Cable Broadband: <copper> High speed connection that uses a cable TV infrastructure to provide Internet to end users, has a transmission across multiple frequencies and different traffic types
Data Over Cable Service Interface Specification (DOCSIS)
50 Mbits/s through 1000+ Mbits/s are common
Leased Line: A private telecommunications circuit between two or more locations provided according to a commercial contract
Metro Optical Ethernet (MOE): A scalable bandwidth solution using ethernet for metropolitan area networks
The provider network is often optical that uses wavelength division multiplexing
Fiber: High speed data communication that uses frequencies of light
Higher installation cost than copper due to equipment, repairs, and long distance
Large installation in the WAN core, supports high data rates
SONET rings and wavelength division multiplexing
No RF signal, very difficult to monitor or tap
[1.3] Summarize the types of cables and connectors and explain which is the appropriate type for a solution
Copper
Twisted Pair: A type of wiring in which two conductors of a single circuit are twisted together for the purposes of improving electromagnetic compatibility
Eight individually insulated strands of copper wire in each cable
Tighter twists = less EMI
Unshielded Twisted Pair (UTP): Number of twists determine how much EMI can be blocked, UTP is cheaper than STP and is the media of choice for most LANs
Shielded Twisted Pair (STP): Wires are twisted in pairs and surrounded in a metallic shielding
Pairs of wires with equal and opposite signals
Transmit+ & Transmit- / Receive+ & Receive-
Each pair in the same cable have different twist rates
Standard    | Cable category          | Maximum distance
1000BASE-T  | Cat 5 *                 | 100 meters
1000BASE-T  | Cat 5e (enhanced)       | 100 meters
10GBASE-T   | Cat 6 *                 | Unshielded: 55 meters, Shielded: 100 meters
10GBASE-T   | Cat 6a (augmented)      | 100 meters
10GBASE-T   | Cat 7 (shielded only)   | 100 meters
40GBASE-T   | Cat 8 (shielded only)   | 30 meters
*--> not used anymore
Coaxial / RG-6: Two or more forms share a common axis; used in television/digital cable and high speed internet over cable
Inner layer is an insulated conductor or center wire
Outer layer includes a braided metal shield to provide protection and EMI resistance
RG-6 is coaxial cable used to connect individual homes to cable companies
RG-59 is coaxial cable used to connect cable box to television
Twinaxial: Two inner conductors; common on 10 Gbit ethernet SFP+ cables - full duplex, five meters, low cost, low latency compared to twisted pair
Serial Cable: Usually has a series of straight copper wires inside a single cable or plastic jacket
DB-9 or DB-25 connectors (RS-232 is the signaling standard they carry)
International ISO/IEC 11801 Cabling Standards: Defines classes of networking standards
Termination Standards: Telecommunications Industry Association (TIA) sets standards, market analysis, trade shows, government affairs, etc.
TIA is commonly referenced for pin and pair assignments of eight conductor 100 ohm balanced twisted pair cabling; ensures coloring and matching is universal
Copper Connector Types
RJ11: Registered Jack type 11; 6 position, 2 conductor (6P2C); RJ14 uses 6P4C for dual-line use
Telephone & DSL connection
Commonly only 2 or 4 pins are used
RJ45: Registered Jack type 45; 8 position, 8 conductor (8P8C)
Modular connector, ethernet, used for LAN
10/100 Mbit/s Ethernet uses only 4 of the 8 pins (pairs 1-2 and 3-6); 1000BASE-T and faster use all 8
Data Terminal Equipment (DTE): "Endpoint" devices i.e. laptops, desktops, servers, routers
Data Communications Equipment (DCE): Includes switches, modems, hubs, and bridges
Straight-Through Cables: Contain the exact same pinout on both ends of the cable (T568B is the preferred standard for wiring a building if no pre-existing pattern is used)
DTE to DCE e.g. desktop to switch
Crossover Cables: Swaps the send and receive pins on the other end of the cable when the connector and its pinout are created
DTE to DTE e.g. desktop to router
DCE to DCE e.g. switch to bridge
Rollover Cable: Has opposite pin assignments at each end - used to connect a computer terminal to a router's console port
Auto Medium Dependent Interface Crossover (Auto-MDI-X): Automated way for the port to electronically simulate a crossover when a straight-through patch cable is used, so the cable type no longer matters
Plenum Cable: A special coating put on a UTP or an STP cable that provides a fire-retardant chemical layer to the outer insulating jacket, minimizes dangerous fumes
Registered Jack (RJ): Used to carry voice or data which specifies the standards a device needs
F-Type Connector: Cable television connector used with cable modem or DOCSIS (Data Over Cable Service Interface Specification)
Fiber
Single Mode: Long-range communication up to 100km
Expensive light source i.e. laser beam
Smaller core size which allows for only a single mode of travel for the light signal
Multimode: Short-range communication up to 2km
Uses inexpensive light source i.e. LED
Used for shorter distances and has larger core size to allow multiple modes of travel for light
Fiber Connector Types
Local Connector (LC): Has 2 different fibers (send & receive) that plug in with locking connectors, small so popular on routers and switches
Straight Tip (ST): Lock in place using bayonet connectors
Subscriber Connector (SC): Square connectors that lock in place using a spring mechanism
Mechanical Transfer Registered Jack (MT-RJ): Tiny fiber connectors that can be connected into the smallest amount of available space; has locking mechanism similar to LC which is a tab lock
Angled Physical Contact (APC): Ferrule end-face polished at an eight degree angle; little light is reflected back to the source (low return loss) but generally higher insertion loss than UPC; connectors are usually green
Ultra Physical Contact (UPC): Ferrule end-face polished flat at a zero degree angle; more light is reflected back to the source (high return loss, return loss being the amount of light reflected back); connectors are usually blue. APC and UPC must not be mated to each other
Transceivers
Transceivers & Media Converters: Operates on OSI layer 1 to convert the signals of one physical type to another (fiber to copper and vice-versa)
Transceivers are small components that contain a transmitter and receiver that provide a modular interface
Media converters are larger device used to convert a number of connections at a time
Duplex transceivers have two fibers for a transmit and receive fiber
Transceiver Type:
Duplex Transceiver: Two fibers used for a transmit and receive, full duplex
Bi-Directional (BiDi) Transceiver: Traffic in both directions over a single fiber by using a different wavelength for each direction (e.g. 1310 nm one way, 1490 nm the other), halving the fiber count; still full duplex, but the two ends must be a matched pair with the wavelengths reversed
GBIC: Standard, hot-pluggable gigabit Ethernet transceiver
Small form-factor pluggable (SFP): Commonly used to provide 1 Gbit/s fiber (aka mini-GBIC)
Enhanced small form-factor pluggable (SFP+): Same physical size as SFP but supports data rates up to 16 Gbit/s, common with 10 Gbit Ethernet
Quad small form-factor pluggable (QSFP): 4 channel SFP, four 1 Gbit/s for 4 Gbit/s link
Enhanced quad small form-factor pluggable (QSFP+): 4 channel SFP+, four 10 Gbit/s for 40 Gbit/sec link
Cable Management
Patch Panel / Patch Bay: Mounted hardware assembly that contains ports that are used to connect and manage incoming and outgoing LAN cables
Provides a way to keep large number of cables organized
Enables flexible connectivity into network hardware located in a data center
Punch-down block on back side and RJ45 connectors on front
Different switch interfaces
Run to the desk doesn't move
Fiber Distribution Panel: Enclosures that act as a distribution hub for fiber cable
Permanent fiber installation
Patch panel at both ends
Too expensive to do runs from every user, so usually between floors or panels
Often include service loop to provide extra fiber for future changes
Punch-down Block: Mechanism used to cross-connect sets of wires through a metal peg system in LANs
66 Block: A patch panel for analog voice and some digital links; left side is patched to the right; older, can cause crosstalk due to proximity of cables
110 Block: Wire to wire patch panel, no intermediate interface; replaces 66 block to support Cat5 and Cat6; wires are punched down into the connecting block with a tool
Krone: European alternative to 110 block, used for analog and digital communication
BIX (Building Industry Cross-Connect): Created in 1970's by Northern Telecom; updated GigaBIX performance is better than Cat6 standard; requires specific tool
Ethernet Standards
Copper
Most popular networking technology in the world, modern Ethernet uses twisted pair copper or fiber. Technology used is BASE (baseband) meaning it uses a single frequency across the entire medium. This is as opposed to broadband which uses many frequencies that share the medium.
10 BASE-T (twisted pair)
Two pair, CAT3 cable minimum, 100 meter maximum distance
100 BASE-TX (fast ethernet)
Two pair, CAT5 cable minimum, 100 meter maximum distance
1000 BASE-T (gigabit ethernet over CAT5)
4-pair balanced twisted-pair, CAT5 or CAT5e, 100 meter maximum distance
Frequency use of 125 MHz
10 GBASE-T (10 gig ethernet over copper)
4-pair balanced twisted-pair, CAT6 or CAT6A, 100/55m distance (shielded/unshielded)
Frequency use of 500 MHz
40 GBASE-T (40 gigabit per second ethernet)
4-pair balanced twisted-pair, CAT8, 30 meter maximum distance
Fiber
100 BASE-FX
Pair of multimode fiber (same fiber technology as FDDI), laser components
400 meters (half-duplex), 2 kilometers (full-duplex)
100 BASE-SX
Less expensive version of 100BASE-FX
LED optics
300 meters maximum distance
1000 BASE-SX
Uses short wavelength laser, usually over multi-mode fiber
220 meters to 550 meters, depending on fiber type
1000 BASE-LX
Uses long wavelength laser
550 meters (multi-mode), 5 kilometers (single-mode)
10 GBASE-SR (short range)
Multi-mode fiber
26 to 400 meters, depending on fiber
10 GBASE-LR (long range)
Single-mode fiber
10 kilometers maximum range
Gigabit Ethernet over Fiber
Wavelength Division Multiplexing (WDM): Combines multiple signals into one signal and sends over a single fiber optic strand using different wavelengths of the laser light source
Coarse wavelength division multiplexing (CWDM)
10 GBASE-LX4 uses four 3.125 Gbit/sec carriers at four different wavelengths
Dense wavelength division multiplexing (DWDM)
Multiplex multiple OC carriers into a single fiber
Up to 160 signals, increases total throughput to 1.6 Tbit/s
[1.4] Given a scenario, configure a subnet and use appropriate IP addressing schemes
IP Address: A unique identifier for each device using the Internet Protocol to communicate over a network.
Subnet Mask: A 32 bit number that segregates an IP address into network and host bits.
Default Gateway: Device that serves as the forwarding host to other networks.
Public vs. Private
RFC1918 (Request for Comment 1918): IP Addresses that are assigned by an organization to an internal host - the addresses are used in private networks which are not reachable from the Internet
Public IP Address: Addresses that face toward the Internet and are purchased from an ISP
Publicly routable IP addresses are globally managed by ICANN/IANA and delegated to the five Regional Internet Registries
ARIN, LACNIC, AFRINIC, APNIC, and RIPE NCC
Private IP Address: Addresses that can be used by anyone and are not routable outside a LAN
Private IP Address Range Table (RFC 1918):
Class | CIDR block     | Range                          | Addresses
A     | 10.0.0.0/8     | 10.0.0.0 - 10.255.255.255      | 16,777,216
B     | 172.16.0.0/12  | 172.16.0.0 - 172.31.255.255    | 1,048,576
C     | 192.168.0.0/16 | 192.168.0.0 - 192.168.255.255  | 65,536
IPv6 private addresses use Unique Local Addresses (ULA), FC00::/7 (RFC 4193); in practice FD00::/8 with a random 40-bit global ID, so they start with FDxx:
Network Address Translation (NAT): Method to map multiple private addresses inside a local network to a public IP address before transferring information onto the Internet
Port Address Translation (PAT): Extension of NAT that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses by using ports
IPv4 vs. IPv6
IPv4: 32-bit address written as four 8-bit fields (octets) in decimal, separated by dots
IPv6: 128-bit address written as eight 16-bit fields in hexadecimal, separated by colons
Automatic Private IP Addressing (APIPA): Enables computers to automatically self-configure an IP address and subnet mask when the DHCP server isn't reachable (169.254.x.x range)
Can only communicate to other local devices, no forwarding by routers
IETF has reserved 169.254.0.1 through 169.254.255.254
Automatically assigned, using ARP to confirm address isn't in use
Zero Configuration (Zeroconf): Set of technologies that automatically creates a usable computer network based on the IP suite when computers or peripherals are interconnected
Assigns link-local IP addresses, non-routable IP usable only on local subnet
Resolves computer names to IP addresses without the need for DNS --> mDNS
Locates networks services: SLP, SSDP, and DNS-SD
Extended Unique Identifier (EUI-64): Unique 64-bit IPv6 interface identifier generated from the 48-bit MAC
Split the MAC address in the middle --> 0015.2BE4.9B60 --> 0015.2B | E4.9B60
Insert FFFE in the middle --> 0015.2BFF.FEE4.9B60
Change the format to colons --> 0015:2BFF:FEE4:9B60
Convert the first byte (8 bits) to binary --> 00 --> 00000000
Flip the 7th bit (the universal/local bit) and convert back to hex --> 00000010 --> 02
Replace the old byte with the new byte --> 0215:2BFF:FEE4:9B60
Because the MAC can be read straight back out of the address, most client operating systems use randomized or temporary interface IDs (RFC 4941 privacy extensions) instead of EUI-64
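The EUI-64 steps above, carried out in code as an added example for these notes (not from the original page). It uses the MAC from the notes, 00:15:2B:E4:9B:60, and Python's standard ipaddress module; 2001:db8:1::/64 is the documentation prefix standing in for one learned from a Router Advertisement. It also runs the process in reverse, which is the privacy problem that RFC 4941 addresses.

```python
"""Modified EUI-64 interface identifiers, as an added example for the steps above.

Uses the MAC from the notes (00:15:2B:E4:9B:60) and Python's standard ipaddress module.
The 2001:db8:1::/64 prefix is the documentation range, standing in for one learned from a
Router Advertisement.
"""
import ipaddress
import re


def mac_to_bytes(mac: str) -> bytes:
    """Accept 00:15:2B:E4:9B:60, 00-15-2b-e4-9b-60 or Cisco-style 0015.2BE4.9B60."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(digits)


def mac_to_eui64(mac: str) -> bytes:
    """RFC 4291 Appendix A: OUI | FF FE | NIC, then flip the universal/local bit (bit 7 of byte 0)."""
    raw = mac_to_bytes(mac)
    eui = bytearray(raw[:3] + b"\xff\xfe" + raw[3:])
    eui[0] ^= 0x02                      # 7th bit counted from the MSB; XOR flips it either way
    return bytes(eui)


def eui64_str(eui: bytes) -> str:
    """Format the 8 bytes as four 16-bit hex groups, e.g. 0215:2BFF:FEE4:9B60."""
    return ":".join(eui[i:i + 2].hex().upper() for i in range(0, 8, 2))


def address_from_prefix(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """SLAAC-style address: a /64 prefix (fe80::/64 or one from an RA) + the EUI-64 interface ID."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix")
    iid = int.from_bytes(mac_to_eui64(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """The FE80::/10 link-local address every IPv6 interface derives for itself."""
    return address_from_prefix("fe80::/64", mac)


def mac_from_eui64_address(addr: str) -> str:
    """Reverse it: recover the MAC from an EUI-64 derived address.

    This is the privacy problem with EUI-64: anyone who sees the address learns the NIC
    vendor and serial, and can track the host across networks and prefixes.
    """
    iid = int(ipaddress.IPv6Address(addr)).to_bytes(16, "big")[8:]
    if iid[3:5] != b"\xff\xfe":
        raise ValueError("interface identifier is not EUI-64 derived")
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02X}" for b in raw)


if __name__ == "__main__":
    mac = "0015.2BE4.9B60"                                    # the MAC used in the notes
    print(eui64_str(mac_to_eui64(mac)))
    print(link_local_from_mac(mac))
    print(address_from_prefix("2001:db8:1::/64", mac))
    print(mac_from_eui64_address("fe80::215:2bff:fee4:9b60"))
```

The XOR in mac_to_eui64 is what "flip the 7th bit" means: a burned-in (universal) MAC has that bit clear, so the resulting interface ID has it set; a locally administered MAC that already has it set comes out with it clear.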
Multicast: Data travels from a single source device to multiple specific destination devices
IPv4 --> 224.0.0.0 - 239.255.255.255
IPv6 --> FF02::1 (all nodes multicast group) or FF02::2 (all routers multicast group)
Unicast: Data travels from a single source device to a single destination device
IPv4 --> 0.0.0.0 - 223.255.255.255
IPv6 --> Global unicast is 2000::/3; 2001:0DB8::/32 within it is reserved for documentation
Anycast: The same address is assigned to several hosts; routing delivers each packet to the topologically nearest one, and the sender treats it like a normal unicast address
Formally defined in IPv6 (uses the same range as global unicast addresses); IPv4 achieves the same effect by advertising one prefix from many locations, e.g. the root DNS servers
Broadcast: Data travels from a single source device to all devices on a destination network
IPv4 only! --> Directed broadcast is the last address of the subnet (x.x.x.255 for a /24, not in general); limited broadcast is 255.255.255.255 and is never forwarded by routers
Link Local: Used for addressing on a single link for purposes such as automatic address configuration, neighbor discovery, or in the absence of routers
IPv4 --> 169.254.0.0/16
IPv6 --> FE80::/10
Loopback: An internal address that routes back to the local system
IPv4 --> 127.0.0.0/8 (127.0.0.1 is the usual one)
IPv6 --> ::1/128
Default Gateway: Node in the network that serves as the forwarding host to other networks
IPv4 Subnetting
Classful IP Addresses Table:
Class | First-octet range (full range)  | Default mask         | Use
A     | 0.0.0.0 - 127.255.255.255       | /8  (255.0.0.0)      | Large networks with >16m hosts
B     | 128.0.0.0 - 191.255.255.255     | /16 (255.255.0.0)    | Medium/large networks with ~65k hosts
C     | 192.0.0.0 - 223.255.255.255     | /24 (255.255.255.0)  | Small networks with max 254 hosts
D     | 224.0.0.0 - 239.255.255.255     | n/a                  | Multicast Block
E     | 240.0.0.0 - 255.255.255.255     | n/a                  | Experimental Block
Classless: A more efficient use of IP addresses that utilizes subnetting and subnet masks
Subnetting: Uses subnet masks to create networks that are better scoped
Borrows bits from the original host portion and adds them to the network portion
More efficient use of IP addresses than the classful defaults
Enables separation of networks for security
Enables bandwidth control
Classless Inter-Domain Routing (CIDR): IP address allocation method that improves routing efficiency on the Internet - uses "/X" notation with IP network to describe range
Routes can be summarized and advertised as a single route
Route Aggregation: Used to summarize contiguous networks
Variable-Length Subnet Masking (VLSM): Allows subnets of various sizes to be used within the same network
Requires a routing protocol that supports it i.e. RIPv2, OSPF, IS-IS, EIGRP, BGP
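The address types, subnet math, VLSM and route aggregation in this section, worked through with Python's standard ipaddress module. This is an added example for these notes, not code from the original page; the 192.168.10.0/24 address plan, the host counts and the sample addresses are constructed for it.

```python
"""Subnetting worked through with Python's standard ipaddress module, as an added example.

Covers the classful/classless material above: classifying an address (RFC 1918, APIPA,
loopback, multicast, broadcast), computing a subnet's mask/broadcast from a host
address, carving a block with VLSM, and summarizing contiguous routes (CIDR aggregation).
The 192.168.10.0/24 address plan and host counts are constructed for this example.
"""
import ipaddress
from ipaddress import IPv4Address, IPv4Interface, IPv4Network

RFC1918 = [IPv4Network("10.0.0.0/8"), IPv4Network("172.16.0.0/12"), IPv4Network("192.168.0.0/16")]


def classify(addr: str) -> str:
    """Which address type from the notes an IPv4 address belongs to."""
    ip = IPv4Address(addr)
    if ip.is_loopback:
        return "loopback (127.0.0.0/8)"
    if ip.is_link_local:
        return "APIPA / link-local (169.254.0.0/16)"
    if ip.is_multicast:
        return "multicast (224.0.0.0/4)"
    if ip == IPv4Address("255.255.255.255"):
        return "limited broadcast"
    if any(ip in net for net in RFC1918):          # checked explicitly: is_private also covers
        return "private (RFC 1918)"                 # documentation and other special ranges
    if ip.is_global:
        return "public (globally routable)"
    return "special-use (not RFC 1918, not globally routable)"


def subnet_facts(host_with_prefix: str) -> dict:
    """Network, mask, directed broadcast and usable host count for an address like 172.16.5.77/20."""
    net = IPv4Interface(host_with_prefix).network
    return {"network": str(net.network_address), "mask": str(net.netmask),
            "broadcast": str(net.broadcast_address), "usable_hosts": net.num_addresses - 2}


def hosts_to_prefix(hosts: int) -> int:
    """Smallest prefix length with room for `hosts` usable addresses (network and broadcast excluded)."""
    for prefix in range(30, -1, -1):          # /30 is the smallest subnet with two usable hosts
        if 2 ** (32 - prefix) - 2 >= hosts:
            return prefix
    raise ValueError("more hosts than an IPv4 block can hold")


def allocate_vlsm(block: str, demands: dict):
    """Carve `block` into variable-length subnets, largest demand first so nothing overlaps.

    Returns (plan, free): the subnet chosen for each name, and the unused remainder.
    """
    free = [IPv4Network(block)]
    plan = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: kv[1], reverse=True):
        prefix = hosts_to_prefix(hosts)
        for i, chunk in enumerate(free):
            if chunk.prefixlen <= prefix:          # first free chunk that is big enough
                subnet = chunk if chunk.prefixlen == prefix else next(chunk.subnets(new_prefix=prefix))
                plan[name] = subnet
                free[i:i + 1] = [] if subnet == chunk else sorted(chunk.address_exclude(subnet))
                break
        else:
            raise ValueError(f"no room left for {name} (/{prefix})")
        free.sort()
    return plan, free


def aggregate(networks) -> list:
    """Route aggregation: collapse contiguous/overlapping prefixes into the fewest summary routes."""
    return list(ipaddress.collapse_addresses(IPv4Network(str(n)) for n in networks))


if __name__ == "__main__":
    plan, free = allocate_vlsm("192.168.10.0/24",
                               {"sales": 100, "engineering": 50, "management": 20, "wan-link": 2})
    for name, net in plan.items():
        print(f"{name:12} {net}  usable hosts: {net.num_addresses - 2}")
    print("unused:", [str(n) for n in free])
    print("summary:", [str(n) for n in aggregate(list(plan.values()) + free)])
    print(subnet_facts("172.16.5.77/20"))
    for a in ("10.44.2.9", "172.32.0.1", "169.254.10.20", "239.1.1.1", "127.0.0.1"):
        print(a, "->", classify(a))
```

Two points worth noticing when running it: 172.32.0.1 is public even though it "looks private", because 172.16.0.0/12 stops at 172.31.255.255; and the directed broadcast for 172.16.5.77/20 is 172.16.15.255, not 172.16.5.255, which is why firewall and ACL rules that assume x.x.x.255 miss traffic on anything but a /24.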
IPv6 Concepts
Tunneling: Carrying IPv6 packets inside IPv4 (or IPv4 inside IPv6) across a network that only supports one version, e.g. 6to4, 6in4, Teredo, ISATAP, GRE
Dual Stack: Hosts and routers run IPv4 and IPv6 at the same time on the same interfaces; the preferred transition method, but every filter and security control has to exist for both stacks
Shorthand Notation: Leading zeros in each 16-bit field may be dropped, and one run of consecutive all-zero fields may be replaced by "::" (only once per address), e.g. 2001:0DB8:0000:0000:0000:0000:0000:0001 --> 2001:DB8::1
Router Advertisement: ICMPv6 message in which a router announces the prefix(es), default gateway and configuration flags a host uses to configure itself (see NDP below)
Stateless Address Autoconfiguration (SLAAC): Host learns the prefix of the network its interface is on from Router Advertisements and then selects its own interface ID, either by the EUI-64 process from its MAC or a randomized one
Eliminates the need for manual configuration or DHCP
Allows a device to obtain its prefix, prefix length, default gateway, and (with the RDNSS option or DHCPv6) DNS servers
Neighbor Discovery Protocol (NDP): Used to learn layer 2 addresses on a network for IPv6
Router Solicitation: Host sends message to locate routers on link
Router Advertisement: Router advertises their presence periodically and in response
Neighbor Solicitation: Used by nodes to determine link layer addresses
Neighbor Advertisement: Used by nodes to respond to solicitation messages
Redirect: Routers informing host of better first-hop routers
Virtual IP (VIP)
An IP address that does not correspond to a physical network interface, used for network address translation (NAT), fault tolerance, and mobility.
Subinterfaces
Logical interfaces carved out of one physical interface, each tagged to a different VLAN (802.1Q) with its own IP address, e.g. router-on-a-stick inter-VLAN routing
[1.5] Explain common ports and protocols, their application, and encrypted alternatives
Port Types
Port range is 0 to 65,535
"Well Known" & reserved port range is 0 to 1023
Ephemeral Ports: Short-lived source port the client picks automatically from a dynamic range; classically 1024 to 65,535, IANA defines 49152 to 65,535, and Linux defaults to 32768 to 60999
PORT LIST
IP Protocol Types
Internet Control Message Protocol (ICMP): Network level (layer 3) protocol that communicates information about network connectivity issues - used during troubleshooting and by attackers for scanning
TCP: Operates at layer 4 of the OSI model on top of IP for reliable delivery - establishes a connection with a 3-way handshake (SYN, SYN/ACK, ACK) before any data is sent
UDP: Lightweight protocol that works on top of IP - can detect if packets are corrupted using checksum, but there is no connection or sequencing to the UDP segments, good for audio/video
Generic Routing Encapsulation (GRE): A tunneling protocol (IP protocol 47) developed by Cisco to encapsulate a wide variety of network protocols inside a virtual point-to-point/multipoint link
Important to set a smaller maximum transmission unit (MTU) on the tunnel: GRE adds 24 bytes (20-byte outer IP header + 4-byte GRE header), so a 1500-byte link gives a 1476-byte tunnel MTU, otherwise packets fragment or are dropped
It does not provide encryption or authentication, so it is usually carried inside IPSec when confidentiality is needed
Internet Protocol Security (IPSec): Suite of secure communication protocols at the network layer that protects IP traffic between peers; keys and parameters (security associations) are negotiated with IKE (UDP 500, UDP 4500 for NAT traversal)
Authentication Header (AH, IP protocol 51): Provides integrity and authentication for the whole packet including the IP header, but no encryption; breaks behind NAT because the rewritten address no longer matches the integrity check
Encapsulating Security Payload (ESP, IP protocol 50): Provides encryption plus integrity and authentication of the payload (the outer IP header is not authenticated), so it survives NAT when wrapped in UDP (NAT-T) and is what nearly all deployments use
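The practical difference between AH and ESP is what the integrity check covers, and that is what decides whether a tunnel survives NAT. The following is an added illustration for these notes, not code from the original page and not the real AH/ESP wire format: packets are plain dicts, the ICV is an HMAC-SHA256 over the covered fields, the key and SPI are constructed, and ESP's payload encryption is left out so that the only difference shown is the integrity scope.

```python
import hashlib
import hmac
import json

# Constructed values for the demo; a real security association gets its keys
# and SPI from IKE, never from a literal in source.
SA_KEY = b"demo-sa-integrity-key"
SPI = 0x1001

# Constructed sample packet: inside host sending a request through a NAT.
SAMPLE = {"src": "10.0.0.5", "dst": "198.51.100.1", "proto": 6,
          "ttl": 64, "payload": "GET / HTTP/1.1"}


def _icv(covered: dict) -> str:
    """Integrity Check Value: HMAC over a canonical encoding of the covered fields."""
    blob = json.dumps(covered, sort_keys=True).encode()
    return hmac.new(SA_KEY, blob, hashlib.sha256).hexdigest()


def _ah_covered(pkt: dict) -> dict:
    # AH authenticates the IP header as well as the payload. Mutable fields
    # (TTL, checksum) are treated as zero, but the addresses are immutable
    # and therefore covered by the ICV.
    return {"src": pkt["src"], "dst": pkt["dst"],
            "proto": pkt["proto"], "payload": pkt["payload"]}


def ah_protect(pkt: dict) -> dict:
    return {**pkt, "ah": {"spi": SPI, "icv": _icv(_ah_covered(pkt))}}


def ah_verify(pkt: dict) -> bool:
    return hmac.compare_digest(_icv(_ah_covered(pkt)), pkt["ah"]["icv"])


def _esp_covered(pkt: dict) -> dict:
    # ESP authenticates its own header (SPI, sequence number) and the payload
    # only; the outer IP header is outside the ICV.
    return {"spi": SPI, "seq": pkt["esp"]["seq"], "payload": pkt["payload"]}


def esp_protect(pkt: dict, seq: int = 1) -> dict:
    out = {**pkt, "esp": {"spi": SPI, "seq": seq}}
    out["esp"]["icv"] = _icv(_esp_covered(out))
    return out


def esp_verify(pkt: dict) -> bool:
    return hmac.compare_digest(_icv(_esp_covered(pkt)), pkt["esp"]["icv"])


def nat_rewrite(pkt: dict, new_src: str) -> dict:
    """What a NAT device does on the way out: new source address, TTL decremented."""
    return {**pkt, "src": new_src, "ttl": pkt["ttl"] - 1}


def tamper(pkt: dict, new_payload: str) -> dict:
    """An on-path attacker modifying the payload."""
    return {**pkt, "payload": new_payload}


if __name__ == "__main__":
    print("AH through NAT :", ah_verify(nat_rewrite(ah_protect(SAMPLE), "203.0.113.9")))   # False
    print("ESP through NAT:", esp_verify(nat_rewrite(esp_protect(SAMPLE), "203.0.113.9")))  # True
    print("ESP tampered   :", esp_verify(tamper(esp_protect(SAMPLE), "GET /admin HTTP/1.1")))  # False
```

The TTL decrement alone breaks neither, because both protocols exclude mutable header fields; it is the source-address rewrite that AH rejects. Payload tampering fails both checks, which is the property you actually want from either mode.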
Connectionless vs. Connection-Oriented
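To make the connection-oriented versus connectionless distinction concrete, the following added example (written for these notes, not taken from the original page) exercises both transports on the loopback interface. It assumes a host where loopback sockets are permitted; the payloads are constructed. TCP's `connect()` only returns once the SYN/SYN-ACK/ACK handshake has completed and fails with a refusal (an RST) when nothing listens, while UDP's `sendto()` returns as soon as the datagram is handed to IP, listener or not.

```python
import socket
import threading

HOST = "127.0.0.1"


def tcp_echo(payload: bytes) -> bytes:
    """Connection-oriented: the client's connect() returns only after the
    3-way handshake; data then flows over the established stream."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))             # port 0: the OS picks a free ephemeral port
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()      # accept() completes once the handshake finished
        with conn:
            conn.sendall(conn.recv(65535).upper())

    worker = threading.Thread(target=serve)
    worker.start()
    with socket.create_connection((HOST, port), timeout=2) as client:
        client.sendall(payload)
        reply = client.recv(65535)
    worker.join()
    srv.close()
    return reply


def tcp_connect_closed_port() -> str:
    """A SYN to a port with no listener is answered with RST, so connect()
    raises instead of returning. The probe socket is bound but never put in
    LISTEN state, which keeps the port reserved (no race with other processes)
    while still refusing connections."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind((HOST, 0))
    port = probe.getsockname()[1]
    try:
        socket.create_connection((HOST, port), timeout=2).close()
        return "connected"
    except ConnectionRefusedError:
        return "refused"
    finally:
        probe.close()


def udp_send_closed_port(payload: bytes) -> int:
    """Connectionless: sendto() hands the datagram to IP and returns the byte
    count immediately, whether or not anything is listening. Any ICMP port
    unreachable that comes back later is not tied to this call."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    probe.bind((HOST, 0))
    port = probe.getsockname()[1]
    probe.close()                    # nothing listens on this port now
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        return sock.sendto(payload, (HOST, port))
    finally:
        sock.close()


if __name__ == "__main__":
    print(tcp_echo(b"hello"))            # b'HELLO'
    print(tcp_connect_closed_port())     # refused
    print(udp_send_closed_port(b"ping")) # 4
```

The refused TCP connect is what a port scanner interprets as "closed"; the silent UDP send is why UDP scanning is slow and unreliable (the scanner has to wait for an ICMP unreachable that may never arrive), and why UDP services are the usual amplification vector.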
[1.6] Explain the use and purpose of network services
DHCP
Provides automatic IP address and configuration (subnet mask, default gateway, DNS, other options) for almost all devices; client and server exchange Discover, Offer, Request, Acknowledge (DORA) over UDP 67 (server) and 68 (client)
Based on the older Bootstrap Protocol (BOOTP), which required a static database mapping each MAC to an IP
Scope: The range of IP addresses on one subnet, with its mask and options, that the server can assign from an assignable pool
Exclusion Ranges: Addresses inside the scope that the server must never hand out dynamically (i.e. printers, switches, servers configured by hand)
Reservation: A fixed IP tied to a specific client MAC address so that device always receives the same address through DHCP
Dynamic Assignment: Server leases any free address from the pool for a limited time
Static Assignment: Address configured manually on the host itself; DHCP is not involved
Lease Time: How long a client may keep the address before it must renew (clients try to renew at half the lease, T1) or release it
Scope Options: Extra parameters delivered with the lease i.e. default gateway (option 3), DNS servers (option 6), domain name (option 15); a rogue DHCP server abuses these to redirect clients
Available Leases: Addresses in the pool not currently leased, reserved or excluded; a DHCP starvation attack exhausts them with spoofed MACs
DHCP Relay: Because Discover is a broadcast, a relay agent on the client's subnet forwards it as unicast to a DHCP server on another subnet and passes the replies back
IP Helper / UDP Forwarding: Router feature (Cisco "ip helper-address") that implements the relay by forwarding selected UDP broadcasts such as DHCP (67/68) to a configured server address
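The scope, exclusion, reservation and lease-time items above fit together in one allocation loop, which the following added example models. It is written for these notes (not the page's own code, and not a real DHCP server: no packets, just the address-pool bookkeeping); the addresses, MACs and lease length are constructed, and time is passed in as a plain `now` value so expiry is deterministic. Exhausting the pool is what a DHCP starvation attack does, so that path is shown explicitly.

```python
import ipaddress


class DhcpScope:
    """Address-pool bookkeeping for a single DHCP scope (illustration only)."""

    def __init__(self, pool_start, pool_end, lease_time, exclusions=(), reservations=None):
        start, end = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
        excluded = set()
        for lo, hi in exclusions:               # exclusion ranges: never handed out
            lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            excluded.update(ipaddress.ip_address(i) for i in range(int(lo), int(hi) + 1))
        # Reservations: MAC -> fixed IP. The reserved IP is removed from the dynamic pool.
        self.reservations = {mac.lower(): ipaddress.ip_address(ip)
                             for mac, ip in (reservations or {}).items()}
        reserved_ips = set(self.reservations.values())
        candidates = [ipaddress.ip_address(i) for i in range(int(start), int(end) + 1)]
        self.pool = [ip for ip in candidates if ip not in excluded and ip not in reserved_ips]
        self.lease_time = lease_time
        self.leases = {}                        # ip -> (mac, expiry)

    def _holder(self, ip, now):
        """MAC holding an unexpired lease on ip, or None if the address is free."""
        lease = self.leases.get(ip)
        if lease and lease[1] > now:
            return lease[0]
        return None

    def allocate(self, mac, now):
        """Return the address the server would OFFER/ACK to this client, or None."""
        mac = mac.lower()
        if mac in self.reservations:            # reservation: always the same address
            ip = self.reservations[mac]
            self.leases[ip] = (mac, now + self.lease_time)
            return str(ip)
        held = next((ip for ip, (holder, exp) in self.leases.items()
                     if holder == mac and exp > now), None)
        if held is not None:                    # renewal of the client's current lease
            self.leases[held] = (mac, now + self.lease_time)
            return str(held)
        for ip in self.pool:                    # dynamic assignment: first free address
            if self._holder(ip, now) is None:   # expired leases are recycled here
                self.leases[ip] = (mac, now + self.lease_time)
                return str(ip)
        return None                             # pool exhausted (DHCP starvation)

    def available(self, now):
        return sum(1 for ip in self.pool if self._holder(ip, now) is None)


if __name__ == "__main__":
    scope = DhcpScope("192.168.1.10", "192.168.1.14", lease_time=60,
                      exclusions=[("192.168.1.12", "192.168.1.12")],
                      reservations={"AA:BB:CC:00:00:01": "192.168.1.20"})
    print(scope.allocate("aa:bb:cc:00:00:01", now=0))   # 192.168.1.20 (reserved)
    print(scope.allocate("aa:bb:cc:00:00:02", now=0))   # 192.168.1.10
    print(scope.available(now=0))                       # 3 (.11, .13, .14; .12 excluded)
```

Note that the excluded .12 is skipped and the reserved .20 sits outside the dynamic pool entirely; a real server also keeps lease state across restarts and answers per-client options, which this model leaves out.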
DNS
Converts domain names to IP addresses
Record Types:
Address (A vs. AAAA) > Hostname to IPv4 or IPv6
Canonical name (CNAME) > Points domain to another
Mail exchange (MX) > Mail server location
Start of authority (SOA) > Info about domain or zone
Pointer (PTR) > IP to domain
Text (TXT) > Readable text information
Service (SRV) > Host and port for specific services
Name server (NS) > DNS nameserver with authority
Global Hierarchy: Root (.) > top-level domain (.com, .org, .uk) > second-level domain (example.com) > subdomains and hosts (www.example.com)
Root DNS Servers: The 13 root server identities (a through m, each an anycast cluster) that hand out referrals to the TLD servers
Internal vs. External: Internal DNS resolves private names for the LAN/AD; external DNS publishes only public records (split-horizon), so internal hostnames are not leaked to the Internet
Zone Transfers: Copying zone data from a primary to secondary servers (AXFR full, IXFR incremental) over TCP 53; restrict to authorized secondaries, otherwise anyone can enumerate every host in the zone
Authoritative Name Servers: Hold the actual zone data for a domain and give definitive (non-cached) answers
Time to Live (TTL): How long a resolver may cache a record before it must query again
DNS Caching: Resolvers and clients keep answers until the TTL expires to cut lookups; a poisoned cache entry is served for the same TTL
Reverse DNS Lookup / Forward Lookup: Reverse maps IP to name using PTR records under in-addr.arpa / ip6.arpa; forward maps name to IP (A/AAAA)
Recursive Lookup / Iterative Lookup: A recursive server performs the whole walk on the client's behalf and returns the final answer; an iterative query returns a referral and the querier follows it itself
Windows Internet Name Service (WINS): Legacy Microsoft service that converts NetBIOS computer names into IP addresses --> Windows alternative to DNS for older (pre-Active Directory) name resolution
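The hierarchy, recursive versus iterative lookups, TTL and caching described above are easiest to see in a small simulated walk. The following is an added example for these notes, not code from the original page: the zone data and addresses are constructed (RFC 5737 / RFC 3849 documentation ranges), delegations map straight to a server key instead of going through NS and glue records, and CNAME targets are returned rather than chased. Each query records which servers it touched, so the cache hit shows up as an empty path.

```python
# Constructed zone data. Each name server holds records as
# (name, type) -> (rdata list, TTL) plus delegations of child zones.
SERVERS = {
    "root": {"records": {}, "delegations": {"com.": "com-tld"}},
    "com-tld": {"records": {}, "delegations": {"example.com.": "ns1.example.com."}},
    "ns1.example.com.": {
        "records": {
            ("example.com.", "NS"): (["ns1.example.com."], 86400),
            ("www.example.com.", "A"): (["192.0.2.10"], 300),
            ("www.example.com.", "AAAA"): (["2001:db8::10"], 300),
            ("example.com.", "MX"): (["10 mail.example.com."], 3600),
            ("blog.example.com.", "CNAME"): (["www.example.com."], 300),
        },
        "delegations": {},
    },
}


def query_server(server, name, rtype):
    """One iterative query. Returns ("answer", rrs, ttl),
    ("referral", next_server, None) or ("nxdomain", None, None)."""
    s = SERVERS[server]
    if (name, rtype) in s["records"]:
        rrs, ttl = s["records"][(name, rtype)]
        return "answer", rrs, ttl
    # Follow the most specific (longest) delegated zone containing the name.
    for zone, child in sorted(s["delegations"].items(), key=lambda kv: -len(kv[0])):
        if name == zone or name.endswith("." + zone):
            return "referral", child, None
    return "nxdomain", None, None


def resolve_iterative(name, rtype, path):
    """Start at the root and follow referrals to the authoritative server.
    `path` collects every server queried so the walk is visible."""
    server = "root"
    while True:
        path.append(server)
        kind, data, ttl = query_server(server, name, rtype)
        if kind == "answer":
            return data, ttl
        if kind == "nxdomain":
            return None, 0
        server = data


class RecursiveResolver:
    """Does the whole walk on the client's behalf and caches each answer
    until its TTL expires. `now` is supplied in seconds for determinism."""

    def __init__(self):
        self.cache = {}                      # (name, type) -> (rrs, expiry)

    def resolve(self, name, rtype, now):
        path = []
        key = (name, rtype)
        if key in self.cache:
            rrs, expiry = self.cache[key]
            if now < expiry:
                return rrs, path             # cache hit: no server contacted
            del self.cache[key]              # TTL expired: re-walk the tree
        rrs, ttl = resolve_iterative(name, rtype, path)
        if rrs is not None:
            self.cache[key] = (rrs, now + ttl)
        return rrs, path


if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.example.com.", "A", now=0))    # (['192.0.2.10'], ['root', 'com-tld', 'ns1.example.com.'])
    print(r.resolve("www.example.com.", "A", now=100))  # (['192.0.2.10'], [])
    print(r.resolve("www.example.com.", "A", now=300))  # walk repeats after TTL expiry
```

The empty path on the second call is the caching behaviour that makes resolvers fast and is also what keeps a poisoned answer alive until the TTL runs out; the longest-match delegation check is why a query for a name under a zone never skips a level.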
NTP
Stratum: Distance from the reference clock; stratum 0 is the clock itself (GPS, atomic), stratum 1 servers sync directly to it, each further hop adds one, up to 15 (16 means unsynchronized)
Clients: Query servers over UDP 123 and slew their local clock; accurate time matters for Kerberos (5 minute skew limit), certificate validity and correlating logs across systems
Servers: Provide time to lower strata; typically an internal server syncs to external sources (i.e. pool.ntp.org or a GPS appliance) and all internal hosts sync to it, with NTP traffic to the Internet restricted to that server
[1.7] Explain basic corporate and datacenter network architecture
IEEE Categories
IEEE: Institute of Electrical and Electronics Engineers > Creates standards
802.1: Higher Layer LAN Protocols Working Group i.e. 802.1Q VLAN tagging, 802.1X port-based network access control, 802.1D spanning tree
802.3: Ethernet Working Group
802.11: Wireless LAN Working Group i.e. Wi-Fi
802.15: Wireless Personal Area Network (WPAN) i.e. Bluetooth (802.15.1), Zigbee (802.15.4)
802.16: Broadband Wireless Access i.e. WiMAX
Three-Tier Data Center Architecture
Core Layer: Core switches with high throughput and advanced routing; fast switching only, no policy applied here
Distribution Layer: Mid-tier switches with an emphasis on uplink speeds; aggregates access switches, routes between VLANs and applies policy (ACLs)
Services include load balancing and firewalls
Edge Layer (access layer): Access switches, top-of-rack switch of 24-48 ports and 1-10 Gbps speeds; where port security, 802.1X and VLAN assignment happen
Software Defined Networking (SDN)
Application Layer [COMMS]: Applications communicate their resource requests or requests for information about the network to the controller (northbound API)
Infrastructure Layer [FORWARDING]: Contains the physical networking devices (data plane) that receive instructions from the control layer about where to move the data and then perform those movements
Control Layer [DECISION]: The SDN controller uses application information to decide how traffic should be routed, prioritized and secured and pushes those forwarding decisions to the devices (southbound API i.e. OpenFlow); compromising the controller compromises the whole fabric
Management Plane [VIEWS]: Used to monitor traffic conditions and the status of the network, allowing network administrators to oversee the network and gain insight
Spine and Leaf
Two-tier datacenter design: every leaf switch connects to every spine switch and spines do not connect to each other, so any two servers are at most leaf-spine-leaf apart (predictable latency, scales east-west traffic better than three-tier)
Software-Defined Network: The fabric's forwarding is usually programmed centrally by an SDN controller (equal-cost paths across the spines) rather than configured switch by switch
Top-of-Rack Switching: A leaf/access switch in each rack aggregates that rack's servers with short copper/DAC runs and uplinks to the spines
Backbone: The high-bandwidth links (spine layer or campus core) that carry aggregated traffic between distribution points
Traffic Flows
North-South: Traffic entering or leaving the datacenter (client to server, Internet); crosses the perimeter firewall
East-West: Traffic between servers inside the datacenter (app to database); now the majority of traffic and bypasses the perimeter, so it needs internal segmentation (microsegmentation) to limit lateral movement
Branch Office vs. On-Premises: A branch office has limited local infrastructure and reaches central services over a WAN/VPN link; on-premises means the organization owns and hosts the equipment at its own main site
Datacenter vs. Colocation: A datacenter is a facility the organization builds and operates; colocation rents rack space, power, cooling and connectivity in a provider's facility while the organization still owns and manages its hardware
Storage Area Networks
Connection Types:
Fibre Channel over Ethernet (FCoE): Encapsulates Fibre Channel frames in Ethernet (10 GbE or faster with lossless Data Center Bridging) so storage and data share the same switches
Fibre Channel: Dedicated lossless storage fabric (8/16/32 Gbps) using host bus adapters and its own switches; isolated from the LAN
Internet Small Computer Systems Interface (iSCSI): SCSI commands carried over ordinary TCP/IP (TCP 3260); cheap but should run on a separate VLAN/network with CHAP authentication, since the traffic is unencrypted
[1.8] Summarize cloud concepts and connectivity options
Deployment Models
Public: Resources owned and operated by a provider and shared with many customers over the Internet (AWS, Azure, Google Cloud)
Private: Cloud infrastructure dedicated to one organization, hosted on its premises or by a provider
Hybrid: Mix of private and public cloud with workloads and data moving between them
Community: Infrastructure shared by several organizations with common requirements (i.e. government, healthcare)
Service Models
Software as a Service (SaaS): Provider runs the complete application (i.e. Microsoft 365); customer manages only its data, users and settings
Infrastructure as a Service (IaaS): Provider supplies virtual machines, storage and networking; customer manages the OS and everything above it
Platform as a Service (PaaS): Provider supplies the runtime and platform; customer deploys code and data only (i.e. Azure App Service, Heroku)
Desktop as a Service (DaaS): Virtual desktops hosted and streamed by a provider
Infrastructure as Code: Defining and deploying infrastructure from version-controlled text (Terraform, CloudFormation, Ansible) so builds are repeatable, reviewable and free of hand-configuration drift
Automation / Orchestration: Automation scripts a single task; orchestration sequences many automated tasks across systems into a workflow
Connectivity Options
Virtual Private Network (VPN): Secure virtual tunnel over an untrusted network like the Internet
VPN Concentrator: The device that terminates VPN tunnels, firewalls can perform this function
VPN Headend: A specific type of VPN concentrator used to terminate IPSec VPN tunnels
Private-Direct Connection to Cloud Provider: Dedicated private circuit from the organization's datacenter or colocation cage into the provider's network (AWS Direct Connect, Azure ExpressRoute) that bypasses the public Internet for predictable bandwidth and latency
Multitenancy: Many customers share the same physical hardware, isolated by the hypervisor and provider software; a provider-side isolation flaw exposes other tenants
Elasticity: Resources grow and shrink automatically with demand
Scalability: Ability to add capacity, either up (bigger instance) or out (more instances)
Security Implications: Shared responsibility model (provider secures the cloud, customer secures what is in it), data location and sovereignty, identity and access management, encryption in transit and at rest, and logging/visibility of provider-managed services