LAN/WAN
LAN (Local Area Network)
data network restricted to a single geographic location
encompasses a relatively small area
(examples) office, building, school, etc.
WAN (Wide Area Network)
spans more than one geographic location
connects separate LANs
MAN (Metropolitan Area Network)
WAN that is confined to a certain geographic area
(example) university campus, city, etc.
Network Models
Peer-to-Peer
decentralized network model
no centralized storage of data or control over the sharing of files or resources
each computer serves as its own client and server
no admin is needed
no more than 10 computers should be connected
Client/Server
centralized model
services are managed from a central location
user management
security
backup procedures
size is only limited by server size
The role of the client computer is to request the data from the server
Centralized Computing model
one system provides both the data storage + processing power for client systems
Distributed Computing model
processing power distributed between client systems and server
Wired Network Topologies
Topology
physical topology: network's physical layout of computer cables/devices
logical topology: the way in which the network appears to the devices that use it
Bus
all computers are connected to a single cable serving as the backbone
T-connectors used for systems to connect to backbone
each end of the bus must be terminated
if not, it disrupts data transmissions
one end also must be grounded
a hub or switch is not needed
Ring
it is logical
data travels in a circular fashion
hub or switch is not needed
if single system on ring fails, whole network fails
when computers are added or removed from network, disruption occurs
MSAU (Multi Access Unit) performs the token circulation
Star
all computers connect to a central device (hub or switch)
each connected device requires a single cable to be connected
creates a point-to-point (PtP) connection
easiest to expand and add devices
most popular
Mesh
each computer on network connects to every other computer
point-to-point (PtP) with each computer
provides high level of redundancy
better fault tolerance
to calculate number of connections in a mesh
y(y-1)/2, where y = # of computers | 5 computers = 10 connections
Hybrid
combines different kinds of topologies
PtP (Point-to-Point)
2 computers connected directly to each other
no need for a central device
can be created using a crossover cable
(example) computer connected to printer
PtMP (Point-to-MultiPoint)
looks like a star network, but without a central connection
has a single system acting as common source through which all members are connected
had device that provides a path to any or all connected devices
MPLS (Multiprotocol Label Switching)
technology designed to speed up traffic flow
creates a channel/path for packets to reach destination
each packet is assigned a label
the label associates it with the specific path
all packets with the same label use the same path
known as LSP (Label Switched Path)
eliminates need to check the packet for forwarding at each hop
reduces need to check routing tables
Wireless Network Topologies
Infrastructure
used to extend a wired LAN to include wireless devices
wireless devices communicate with the wired LAN through the WAP
commonly used to extend a wired LAN to include wireless devices
WAP forms a bridge between a wireless and wired LAN
WAP must stay connected to the wired network
there can be several WAPs to cover a large area, or a single WAP for smaller areas
Ad Hoc
devices communicate directly between themselves without using an access point
connect a small number of computers
does not use an AP
Virtual Networks
VPN (Virtual Private Network)
a secure communication channel across the public network, enabling access for a client to a private network
such as a company's internal network
provides point-to-point dedicated link between two points over a public IP network.
establishes connection between remote clients and a private network
Components of VPN Connection
VPN client: computer that initiates the connection
VPN server: authenticates connections
Access method: public network, sometimes a private intranet
VPN protocols
PPTP (Point-to-Point Tunneling Protocol)
L2TP (Layer 2 Tunneling Protocol)
enables authentication and encryption to protect data from general public
LAN-to-LAN
when a VPN is used to connect one private LAN to another
VLAN (Virtual Local Area Network)
used for network segmentation
Logical group of workstations
segmentation is used for several reasons
security, organization, performance
a group of connected computers that act as if they are on their own network segments
VLAN Membership
Protocol-based = assigned by their protocol in use and the Layer 3
Port-based = the ports of the switch are configured to belong to the various VLANs
MAC address-based = assigns membership according to the workstation's MAC address
Subnet-based = the subnets of the IP addresses of individual computers are used to identify the VLAN to which it belongs
{OSI + TCP/IP Models + Network Protocols}
OSI Layers
(Open System Interconnection)
Describes a network architecture that enables data to be passed between computer systems
Layer 1: Physical Layer
Layer 1 Devices = NIC, Hub, Repeater, network cabling
Defines the physical structure of the network and the topology
Hardware
type of cable, connector, pinout format for cables
Topology
ring, mesh, star, bus
defines voltage, frequency of signals, speed and bandwidth, maximum distance, multiplexing strategy
Common problems = NIC failure or not properly seated, faulty hub or repeater, cut or damaged network cable
bits: the logical grouping of data at the Physical Layer
Layer 2: Data Link Layer
Layer 2 Devices: Bridge, Switch, NIC, AP
Receives and puts data on the cable
Provides error detection and correction
Two sublayers: MAC and LLC
responsible for getting data to Layer 1 (Physical Layer)
getting data on or off the cable
responsible for error detection, error correction and hardware addressing
When sending data: groups bits into packets for transmission over network
When receiving data: takes packaged data and breaks it into individual bits for Layer 3
MAC Layer
(Media Access Control Layer)
MAC address is defined at this layer
(example) 00:A0:C9:14:C8:29
First half of MAC address is ID number of the NIC manufacturer
Second half is the unique number assigned to the NIC by the manufacturer
LLC Layer
(Logical Link Control Layer)
responsible for flow control
Will make sure not too much data is being sent, waiting period for data is not too long, data that was damaged gets resent
CRC (Cyclic Redundancy Check)
provides error detection by using a calculated value
is a value that is added to the packet by the LLC on the sending end
it's recalculated on the receiving end and compared to the original; if matches, data is ok
frames/packets: the logical grouping of data at the Data Link Layer
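Added example (not part of the original notes): the CRC check described above, with the value appended on the sending end and recalculated on the receiving end. It assumes CRC-32 from Python's zlib as the calculated value and uses constructed payloads and a constructed key; it goes one step beyond the notes by contrasting the unkeyed CRC with a keyed HMAC, because a CRC detects damage on the wire but says nothing about who produced the frame.

```python
import hashlib
import hmac
import struct
import zlib


def build_frame(payload: bytes) -> bytes:
    """Sending end: append the CRC-32 of the payload as a 4-byte trailer."""
    return payload + struct.pack("!I", zlib.crc32(payload))


def check_frame(frame: bytes):
    """Receiving end: recalculate the CRC and compare it with the trailer.

    Returns the payload when the values match, None when they do not.
    """
    if len(frame) < 4:
        return None
    payload, trailer = frame[:-4], frame[-4:]
    (sent_crc,) = struct.unpack("!I", trailer)
    return payload if zlib.crc32(payload) == sent_crc else None


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Simulate line noise by inverting a single bit of the frame."""
    damaged = bytearray(frame)
    damaged[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(damaged)


def build_authenticated(payload: bytes, key: bytes) -> bytes:
    """Append an HMAC-SHA256 tag: a keyed check value, unlike the CRC."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def check_authenticated(frame: bytes, key: bytes):
    """Return the payload only if the tag verifies under the shared key."""
    if len(frame) < 32:
        return None
    payload, tag = frame[:-32], frame[-32:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, expected) else None


if __name__ == "__main__":
    original = b"transfer 10 to alice"          # constructed sample payload
    frame = build_frame(original)
    print("clean frame accepted:   ", check_frame(frame) == original)
    print("noisy frame rejected:   ", check_frame(flip_bit(frame, 5)) is None)

    # The CRC has no key: a frame whose content changed and whose CRC was
    # recalculated is indistinguishable from a legitimate one.
    rewritten = build_frame(b"transfer 99 to alice")
    print("rewritten frame accepted:", check_frame(rewritten) is not None)

    key = b"constructed-demo-key"                # constructed sample key
    tagged = build_authenticated(original, key)
    swapped = b"transfer 99 to alice" + tagged[-32:]
    print("HMAC rejects the change:", check_authenticated(swapped, key) is None)
```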
Layer 3: Network Layer
Layer 3 Devices: Switch, Router
Handles the discovery of destination systems and addressing
Manages network addresses
when Receiving Data
reads data packets that are passed from Layer 2
Checks packets for destination address
Compares destination address to its own IP address to determine if the packet should be passed up to Layer 4
when Sending Data
receives data from Layer 4
adds its own IP address to the packet as the source address
protocols at Layer 3 are responsible for route selection
Datagrams/Packets: the logical grouping of data at the Network Layer
Layer 4: Transport Layer
Provides connection services between sending and receiving devices
Ensures reliable data delivery
correct sequence, without errors, fastest and most efficient flow rate possible
Manages flow control through buffering or windowing
Provides segmentation, error checking, and service identification
Segmentation: blocks of data need to be broken into packets of manageable size for the lower layers (and opposite for upper layers)
data is transferred over network in two ways:
UDP: connectionless
excellent for data that must be delivered asap
(examples) video, walkie-talkie radio, etc.
no confirmation
TCP: connection-oriented
connection is established before communication begins
data is delivered in sections
confirmation system is used to make sure the data was delivered
Data flow control
Buffering: data is temporarily stored and waits for the destination device to become available
Windowing: data is sent in groups of segments
Layer 5: Session Layer
Synchronizes the data exchange between applications on separate devices
Layer 6: Presentation Layer
Serves as translator between Layer 7 and Layer 5
Translates data from the format used by applications into one that can be transmitted across the network
Formats data from Layer 7 into format that can be sent over network
Handles encryption and decryption of data
encryption: scrambling of data so that it can't be read by anyone other than the intended recipient
Provides compression and decompression functionality
Layer 7: Application Layer
Provides access to the network for applications
Take requests and data from the users and pass them to the lower layers of the OSI model
provides full end-user access to network services
this is where bits (0s and 1s), MAC and IP addresses are translated so people can understand it
TCP/IP Model
TCP/IP Model                 OSI Model
4. Application Layer         7. Application Layer
                             6. Presentation Layer
                             5. Session Layer
3. Transport Layer           4. Transport Layer
2. Internet Layer            3. Network Layer
1. Network Interface Layer   2. Data Link Layer
                             1. Physical Layer
Protocol Ports
Protocol               Port
FTP                    20, 21
SSH                    22
Telnet                 23
SMTP                   25
DNS                    53
DHCP (BOOTP server)    67
DHCP (BOOTP client)    68
TFTP                   69
HTTP                   80
POP3                   110
NNTP                   119
NTP                    123
IMAP4                  143
SNMP                   161
HTTPS                  443
RDP                    3389
Protocols
IP (Internet Protocol)
connectionless
responsible for addressing and routing of packets between computers
used to move data around a network
Layer 3: Network Layer
TCP (Transmission Control Protocol)
Layer 4
connection-oriented
responsible for guaranteed delivery of data
offers flow control, sequencing, retransmission of dropped packets
TCP three-way handshake
1. sends message called a SYN to the target host
2. host sends back acknowledgement, ACK
3. responds to the acknowledgement with another ACK
breaks data into manageable packets
tracks info such as source & destination of packets
able to reroute packets
UDP (User Datagram Protocol)
connectionless
Layer 4: Transport Layer
DHCP (Dynamic Host Control Protocol)
Gives out IP addresses
FTP (File Transfer Protocol)
used for transferring files between two remote systems
uploads and downloads files to and from remote host
basic file management tasks
Layer 7: Application Layer
port 21 is mostly used in modern implementations, not 20
SFTP (Secure File Transfer Protocol)
securely uploads and downloads files to and from remote host
based on SSH security
Layer 7: Application Layer
TFTP (Trivial File Transfer Protocol)
connectionless
Layer 7: Application Layer
SMTP (Simple Mail Transfer Protocol)
HTTP (Hypertext Transfer Protocol)
retrieves files from a web server
Layer 7: Application Layer
HTTPS (Hypertext Transfer Protocol Secure)
secure protocol for retrieving files from a web server
Layer 7: Application Layer
POP3/IMAP4
retrieves mail
cannot send mail
Layer 7: Application Layer
Telnet
enables sessions to be opened on a remote host
Layer 7
SSH (Secure Shell)
port: 22
enables secure sessions to be opened on remote host
or secure alternative to Telnet
Layer 7
ICMP (Internet Control Message Protocol)
used for error reporting, flow control, route testing
Layer 3
ARP (Address Resolution Protocol)
resolves IP addresses to MAC addresses to enable communication between devices
Layer 2
RARP (Reverse Address Resolution Protocol)
resolves MAC addresses to IP addresses
NTP (Network Time Protocol)
communicates time synchronization information between devices
Layer 8
NNTP (Network News Transport Protocol)
SCP (Secure Copy Protocol)
LDAP (Lightweight Directory Access Protocol)
Accesses and queries directory services systems
Layer 7
IGMP (Internet Group Management Protocol)
TLS (Transport Layer Security)
SIP (Session Initiated Protocol)
RTP (Real-time Transport Protocol)
for transporting real-time data
often used with VoIP
Layer 7
DNS (Domain Name Service)
resolves hostnames to IP addresses
before DNS the Internet used to use a text file called HOSTS to perform name resolution
DNS Clients
AKA resolvers
systems that ask DNS servers for a hostname to IP address mapping
DDNS (Dynamic DNS)
newer system that enables hosts to be dynamically registered with the DNS server
DNS namespace
space that has logical divisions hierarchically organized
.com .edu .uk .de
FQDN (Fully Qualified Domain Name)
domain name along with subdomains
(example) www.comptia.org
www = host
comptia = second-level domain
.org = top-level domain
reverse lookup
IP address to hostname
accomplished by using Pointer Records (PTR)
DNS Records
MX (Mail Exchange)
stores info about where mail for the domain should be delivered
AAAA (IPv6)
Stores info for IPv6 addresses
it is commonly used to map hostnames to an IP address for a host
CNAME (Canonical Name)
stores additional hostnames, or aliases, for hosts in domain
give single computer multiple names (aliases)
PTR (Pointer)
used to perform a reverse DNS lookup
name is returned when query originates with an IP address
SOA (Start of Authority)
record of info containing data on DNS zones and other DNS records
WINS (Windows Internet Name Services)
can be used to resolve NetBIOS names to IP addresses
SNMP
(Simple Network Management Protocol)
protocol that makes NMS possible
NMS = Network Management System
used for monitoring information on a network
performed through a software component called an agent
monitor any device that is SNMP capable
computers, printers, routers, servers, etc.
MIB
databases of info to define what parameters are accessible, read-only and can be set
Communities: logical groupings of systems. If device is part of a community, it communicates only with other devices within it
traps: captures snapshot data of the system
could be system errors, resource info etc.
SNMPv2
enhancements on v1
includes bit strings, network addresses and counters
SNMPv3
better security: authentication + encryption
DHCP
scopes: ranges of IP addresses
lease: address that is assigned for a predetermined amount of time
reservation: when a specific address is assigned to a client. IP always remains the same.
exclusion: certain IP addresses that are not to be given out
DHCP is protocol dependent, not platform dependent.
Can provide DNS suffixes to clients
DNS Suffixes: define DNS servers to be used and the order in which to use them
Process
1. Client broadcasts dhcpdiscover packet
2. DHCP picks up the packet, compares request with scopes it has defined
3. DHCP sends address + lease duration through dhcpoffer packet
4. Client receives offer, determines if it is suitable
5. Client sends back dhcprequest packet
6. DHCP finalizes and sends dhcpack packet of acknowledgement
{Addressing + Routing}
IP Addressing
IP Address: defines the number of the network and the number of the node
Subnet Mask: defines which portion of the IP address refers to the network address and which refers to the node address
Default Gateway: path out of the network for a given device
if system is not configured with any static routes or a default gateway, it is limited to operating on its own network segment
Subnetting = increased number of network IDs decreases number of node IDs
Unicast = single address is specified. Data is delivered to a specific node.
Broadcast = message goes to everyone on the network
Multicast = a single source sends data to multiple destination addresses
CIDR (Classless Interdomain Routing)
method to assign addresses outside the standard A B C classes
BOOTP = used to obtain info needed to connect to the network
System that does not support APIPA will assign itself an IP address of 0.0.0.0.
Loopback Address
IPv4: 127.0.0.1
IPv6: ::1
Public IP ranges
Class A: 1.0.0.0 - 126.255.255.255
Class B: 128.0.0.0 - 191.255.255.255
Class C: 192.0.0.0 - 223.255.255.255
Global Unicast Addresses
Private network addresses
Class A: 10.0.0.0 - 10.255.255.255
Class B: 172.16.0.0 - 172.31.255.255
Class C: 192.168.0.0 - 192.168.255.255
Site-local Address ranges
FEC0::
Autoconfigured addresses
APIPA: 169.254.0.1 - 169.255.254.0
Link-local Addresses
FE80::
Network-wide addresses
NAT (Network Address Translation)
Enables a LAN to use a different set of IP addresses for internal traffic and another for external
computers can hide behind a single IP address
one registered IP address acts as the gateway between the internal and external networks
to the remote host, the request looks like it is originating from a single address
system performing NAT function keeps track of who asked for what and makes sure data is returned
PAT (Port Address Translation)
a service of NAT
SNAT (Static NAT)
maps a private IP to a static unchanging public IP address
Routing
Default Gateway
is the router's IP address
help forward the packet to its destination network
provides route for destinations outside the local network
gateway can be a device, system or application that translates data from one format into another
Routing Table
Destination = the host IP address
Network Mask = the subnet mask value for the destination
Gateway = Where the IP address is sent
Interface = address of interface used to send the packet of destination
Metric = measurement of directness of a route, the lower the metric the faster the route
Hop Counts: number of hops necessary to reach node. if it counts to infinity it means route is unreachable.
MTU (Maximum Transmission Unit): defines largest data unit that can be passed without fragmenting
Bandwidth: maximum packet size permitted for transmission
Costs: the lower the cost, the more that route should be favored
Latency: amount of time it takes for packet to travel from one location to another
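Added example (not part of the original notes): a routing-table lookup built from the columns listed above (Destination, Network Mask, Gateway, Interface, Metric). It goes beyond the notes by applying the standard longest-prefix-match rule before comparing metrics, and it shows the earlier point that a host with no default gateway cannot reach anything off its own segment. All addresses and the table itself are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    destination: str  # Destination column
    netmask: str      # Network Mask column
    gateway: str      # Gateway column (0.0.0.0 = directly connected)
    interface: str    # Interface column (local address used to send)
    metric: int       # Metric column: lower is preferred

    @property
    def network(self):
        # Destination + Network Mask together describe one network prefix.
        return ipaddress.ip_network(f"{self.destination}/{self.netmask}")


# Constructed sample routing table for a host at 192.168.1.50.
ROUTES = [
    Route("0.0.0.0", "0.0.0.0", "192.168.1.1", "192.168.1.50", 25),       # default gateway
    Route("192.168.1.0", "255.255.255.0", "0.0.0.0", "192.168.1.50", 10),  # local segment
    Route("10.20.0.0", "255.255.0.0", "192.168.1.254", "192.168.1.50", 20),
    Route("10.20.30.0", "255.255.255.0", "192.168.1.253", "192.168.1.50", 30),
    Route("10.20.30.0", "255.255.255.0", "192.168.1.252", "192.168.1.50", 5),
]


def lookup(dest_ip, routes=ROUTES):
    """Pick the route for dest_ip, or None if no entry matches.

    1. Keep only entries whose network contains the destination.
    2. Prefer the most specific network (longest mask).
    3. Among equally specific entries, prefer the lowest metric.
    """
    ip = ipaddress.ip_address(dest_ip)
    candidates = [r for r in routes if ip in r.network]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))


def without_default(routes=ROUTES):
    """The same table with the default-gateway entry removed."""
    return [r for r in routes if r.network.prefixlen != 0]


if __name__ == "__main__":
    for target in ("10.20.30.7", "10.20.99.1", "192.168.1.77", "203.0.113.9"):
        route = lookup(target)
        print(f"{target:>14} -> via {route.gateway} ({route.network}, metric {route.metric})")

    # No default gateway: off-segment destinations have no route at all.
    print("203.0.113.9 without default gateway:", lookup("203.0.113.9", without_default()))
```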
routers get info for the routing table in two ways: static routing & dynamic routing
Static Routing
is manually entered into the routing table
route add = command used to add a static route to the routing table
route add -p = makes the static route persistent
Dynamic Routing
routers pass info about themselves to other routers so that they can build routing tables
uses 2 protocols: Distance Vector Routing & link state
Distance Vector Routing
each router on network communicates all the routes it knows about to the routers to which it is directly attached
RIP
limited to a max of 15 hops
requires updates every 30 seconds
no authentication
RIPv2
authentication
limit 15 hops
BGP
pick best available route
EIGRP
uses neighbors to help determine routing table
keeps copy of their routing info
find best possible route
using DUAL (Diffusing Update Algorithm)
Convergence: time for the routers to detect and accommodate a change
Routing Loops: occur when routing tables on the routers are slow to update
Split Horizon: to prevent routing loops
Poison Reverse: to prevent routing loops
Next Hop: the next closest router that a packet can go through
Link State Routing
build a map of entire network and then holds the map in memory
updates occur less frequently
OSPF (Open Shortest Path First)
least cost path
used in medium to large enterprise networks
IS-IS
discovers shortest path for data to travel using Shortest Path First algorithm (SPF)
in large ISP networks
STP (Spanning Tree Protocol)
Actively monitors the network and shuts down redundant links to prevent switching loops
Switching loops: caused by having more than one path between two switches in a network
STP prevents this
STA is the algorithm STP uses to correct loops
BPDU (Bridge Protocol Data Unit)
used to identify the status of ports and bridges across the network
redundant paths and loops can be avoided with ports by:
blocking | disabled | forwarding | learning | listening
Trunking
trunking is the use of multiple network cables
Link Aggregation is another name for it
the process of transferring VLAN traffic between multiple switches
to connect the two (or more) switches together
configure a port on each switch as a trunk port
connect two switches via trunk ports
IEEE 802.1Q is the trunk standard that now allows you to connect switches from different manufacturers
Port Mirroring
monitors network traffic
enables administrators to monitor the traffic outbound and inbound to the switch
{Components + Devices}
Bridges
Connects LANs to reduce overall network traffic
enables data to pass through it or prevent data from passing through it
done by reading MAC address
divide larger networks into smaller sections
sits between 2 physical network segments and manages flow of data between them
can elect to forward the data or block it from crossing
can connect two physical LANs into a larger logical LAN
learning bridges can build a list of MAC addresses
Bridge Placement
80% of data should be local
20% should be for other side of bridge
Bridge Loops
when more than one bridge is implemented on network
Spanning Tree Protocol assigns value to bridge to be used to control bridge learning process
Transparent Bridge
devices on network don't see it
used to segment a network
reduces number of collisions and traffic
blocks or forwards data based on the MAC address
Source Route Bridge
used in token ring networks
Translational Bridge
converts one networking data format to another
NIC
Link Light: indicates whether a network connection exists
Activity Light: indicates activity, should flicker
Switches
Cut-through: packet just gets forwarded, no error check
store-and-forward: error checked before forwarded
Fragment Free: faster at forwarding + checking
CSU/DSU
translates digital signals used on a LAN into those used in WAN
Modems
modulate/demodulate
translates signals from analog to digital
translates signals from digital to analog
Media Converter
interconnects older technologies with newer ones
a hardware device
connects newer Gigabit Ethernet technologies with older 100BaseT networks or older copper standards with fiber
{Specialized Network Devices}
Bandwidth Shaper
Monitors and shapes
identifies where bandwidth usage is high and the time of day
shape bandwidth usage
Traffic Shaping
used to control bandwidth usage on the network
control who uses bandwidth, for what purpose and what time
Content Filter
controls what a user is allowed to pursue
block access to certain websites or a user
Load Balancer
workload is distributed between several servers
increases redundancy and data availability
increases performance by distributing workload
can be either a hardware device or software
Multilayer Switches
Operates as a router + switch
Layer 2 + Layer 3
Content Switch
identify and forward data by its port and application
help distribute the load
1. examines the network data it receives
2. decides where the content is intended to go
3. then forwards it
Proxy Server
usually part of firewall system
a server that sits between a client PC and Internet
sends request as if it originated the request
as if the request came from the proxy, not the client PC
retrieves info and returns it to the client
Caching
makes a copy of all or part of the page in its cache
when page is requested again, proxy server answers the request from the cache
allows network admins to filter client requests
can block access to certain websites
ACL: a list of allowed or unallowed websites
Virtual Servers
a single server can host multiple logical machines
Virtual Switches
allows multiple switches to exist on same host
used with VLAN implementations
can provide a direct challenge to the virtual Ethernet adapters for config info
Open vSwitch: an open source virtual switch
Virtual PBX
(Virtual Private Branch Exchange)
phone system
handles features such as call routing, voicemail, faxing, etc.
a service that is contracted out to a vendor
routed through a vendor
they are responsible for the equipment and software
VoIP is used for routing the voice traffic
Onsite/Offsite
offsite: data center hosted elsewhere and remotely accessed
another vendor is responsible for maintaining hardware and software
(example) Electronic Monitoring Company has data come into servers in Colorado, but operates work with the data from workstations in Indiana
NaaS (Network as a Service)
vendors offer an entire network
freeing a company from administration
similar to SaaS (Software as a Service)
OpenStack is an open source NaaS implementation
{Installation + Configuration}
Demarcation Point
point where the service provider stops being responsible for the line and it becomes the technician's responsibility
Packet Switching
messages are broken into smaller pieces called packets
each packet is assigned source, destination and intermediate node address
most popular switching
1. Virtual Circuit switching
uses a logical connection between the source and the destination device
2. Datagram Circuit switching
packets are independently sent and can take different paths through the network to reach their intended destinations
packets can be routed around network congestion
Circuit Switching
offers a dedicated transmission channel that is reserved until it is disconnected
when transmission is complete, channel is closed
after physical connection is established, it is unavailable to any other sessions until transmission completes
ISDN
used to transmit voice, video and data
uses public network, requires dial-in access
can be used for circuit switching connections
can be used for packet switching connections
used with copper/fiber optic
leased from a service provider
requires dial-up access
ISDN is faster than PSTN
PSTN: used when little traffic is sent over a line. most cost effective. limited to 56 Kbps
requires dial-up access
D Channels: carries signaling information
B Channel: carries the data
BRI ISDN uses two B + 1 D channels
PRI ISDN uses 23 B + 1 D channels
T-Carrier
used to create point-to-point network connections for private networks
used in circuit switching
leased from telephone companies
T1
1.5 Mbps
synonymous with DS1
T3
4.7 Mbps
synonymous with DS3
Fractional T: leasing portions of a T-carrier service
ATM
uses fixed cells that are 53 bytes long
1.544 Mbps to 622 Mbps
Cell switching
uses SVC + PVC
Frame Relay
operates at Layer 1 + Layer 2
a packet switching technology
PVC (Permanent Virtual Circuit)
a permanent dedicated virtual link
SVC (Switched Virtual Circuit)
represents a temporary virtual circuit established and maintained only for the duration of a data transfer session
SONET/OCx (Synchronous Optical Network)
defines synchronous data transfer over optical cable
delivers voice, data and video
OCx (Optical Carrier)
represent the range of digital signals that can be carried in a SONET fiber optic network
each level defines the speed at which it operates
SDH is the European counterpart of SONET
DWDM works with SONET/SDH
PON (Passive Optical Network)
services a number of different locations
uses unpowered optical splitters to split the fiber
DSL Internet Access
uses a standard phone line to provide high-speed Internet access
ADSL
provides a high data rate in only one direction
fast download speeds but slower upload speeds
designed to work with existing POTS service
best for home use
most common
1st Channel: responsible for analog traffic
2nd Channel: provides upload access
3rd Channel: used for downloads
HDSL
SDSL
provides bidirectional high data service
VHDSL: faster version
same speeds for both uploads and downloads
cannot share a phone line
Troubleshooting DSL
Physical connections
NIC
Drivers
protocol Configuration
DSL LEDs
Cable Internet Access
Cable Modem
uses coax connection for connecting to the provider's outlet
uses UTP connection for connecting directly to a system or to a hub or switch
uses MDI-X
shares available bandwidth with everyone else in cable area
Satellite
One-way Satellite system
requires a satellite card and satellite dish installed at user's site
outgoing requests sent through phone line
inbound traffic returns on satellite link
Two-way Satellite System
provides data paths for upstream and downstream data
Rain Fade = signal loss due to moisture interference
Latency = time lapse between sending info and time to return
Line of sight = path between satellite dish and satellite
Cellular
LTE
4G
upload speed = 50 Mbps
download speed = 100 Mbps
WiMax
4G
upload speed = 56 Mbps
download speed = 1 Gbps
HSPA+
3G
{Cabling + Wiring}
Broadband vs Baseband Transmissions
Baseband
digital signals over a single wire
bidirectional, but not at the same time
TDM (Time Division Multiplexing)
divides a single channel into time slots
Broadband
use analog transmissions
FDM (Frequency Division Multiplexing)
used to create multiple channels
BPL (Broadband over Power Lines)
transmit data over lines used for electrical power
IEEE 1901 = for high-speed communication devices
IEEE 105 = for hybrid home networks
BPL = HomePlug
Simplex/Half Duplex/Full Duplex
Simplex = one-way communication of data through the network
Half duplex = transmitting + receiving but not at same time
Full Duplex = simultaneously transmit and receive
Noise
any undesirable influence that degrades or distorts the signal
EMI (Electromagnetic Interference)
waves that emanate from electrical devices or cables
RFI (Radio Frequency Interferences)
caused by radio waves
Crosstalk
when two wires are near each other and the signal from one infringes on signal traveling through the other wire
Attenuation
loss of signal strength as it moves farther from source
Latency
amount of time it takes electrons to move through the wire
Cabling
Twisted Pair
STP (Shielded Twisted Pair)
Max Length = 100 meters
Foil around each pair prevents EMI
less susceptible to interference
are larger than UTP and less flexible due to shielding
UTP (Unshielded Twisted Pair)
Susceptible to interference (fluorescent light)
4 pairs of twisted wires, 8 wires total
Categories (max length: 100 meters / 328 feet)
CAT 1: Standard telephone cable
CAT 3: 10 Mbps
CAT 4: 16 Mbps
CAT 5: 100 Mbps
used with RJ45 connectors
CAT 5e: 1 Gbps
CAT 6: 10 Gbps (55 meters)
CAT 6e: 10 Gbps (100 meters)
Plenum: area above suspended ceiling
fire-resistant cable
Coax Cable
Single core of copper
Central conductor wire surrounded by insulation which is surrounded by a braided metal shield
Used for Cable Modems, ISP (Internet Service Provider), Cable TV and Modem-based internet connections
All coax cables have an RG (Radio Grade) rating
The exam includes RG6 and RG59 (most commonly used)
both are rated at 75 Ohms
RG49
Thinnet/10Base2
Carries 10 Mbps of Ethernet data
Max length: 185 meters
50 ohm impedance
RG6
Thicknet/10Base5
10 Mbps
50 MHz or higher
Max length: 500 meters
75 ohm impedance
RG6/U
used for cable TV
75 ohms of impedance
Max length: 300 meters
Connectors:
F-type (most common)
BNC (older): screw by spinning on
75 ohm impedance
Note:
Baseband (Base): only one signal at a time is sent onto the network medium
Broadband: multiplexes the signals to allow multiple signals on the medium
Fiber Optic Cable
shoots pulses of light
Multi Mode
larger core, 50-115 microns in diameter
62.5 microns most common
10 Gbps
500-600 meters
uses LED (Light Emitting Diodes) to send light signal
multiple sets of data at a time
Single Mode
Narrow core, less than 10 microns
Data travels over single path
Provides highest bandwidth and longest distance
1 Tbps
uses Laser to send light signal
3000 meters - 40 km
Throughput up to 100 Gbps
Plenum
area above suspended ceiling
used to run network cables
plenum cables create low smoke and low toxic fumes
Coaxial Connectors
BNC
F Connectors
Twisted Pair Connectors
RJ45
Fiber Optic Connectors
ST
SC
LC
Wiring Standards
T568A
1. Green/White
2. Green
3. Orange/White
4. Blue
5. Blue/White
6. Orange
7. Brown/White
8. Brown
T568B
(preferred standard)
switch up green with orange
if needed to connect T568A with type B, use a crossover cable
Crossover Cable
A standard network cable is wired using the T568A or B on each end (straight-through wiring)
Crossover cable has the A on one connector and B on the other side.
Rollover Cable
Cable that is used to connect to a Cisco Router for Configuration
aka Yost Cable
Almost 100% unique to Cisco routers
called rollover because the pinouts on one end are reversed on the other end as if the wire has been rolled over and you are viewing it from the opposite side
Loopback Cable
used when troubleshooting a network issue
used to identify if the problem is with the NIC
tests NIC circuitry that sends and receives data within the NIC
does not check the actual connection pins
Network Cross Connects
Horizontal cabling
cabling that runs from work area to Telecom Room
Run a single piece of cable running from the work area to Telecom room
Patch Panel
makes reconfiguring/moving cables safe and easy
the front of a patch panel has female connectors (ports) for network cables
The back of patch panel has permanent connections
the horizontal cable runs are connected here
Data flow can be changed by rearranging the patch cables plugged into the front of the patch panel
MDF (Main Distribution Frame)
houses the network and telephone equipment that connects to the outside world
IDF (Intermediate Distribution Frame)
where all the horizontal runs come together
Demarcation
a location in the building where a connection is made to the outside world
for telephone & computer networks
everything inside the demarcation point is the responsibility of the network administrator or the company
everything outside of demarcation point is the responsibility of service provider
NIU (Network Interface Unit)
piece of equipment that established the demarcation point between your network and the service provider's network
First piece of equipment that is located inside the demarc point
marks point where technician's responsibility begins with the network
unit that allows network to interface with outside world
Demarc Extension
cable used to connect to the NIU
for computer networks, 1st device inside the NIU is a powerful switch
Nicknames for NIU
Smart Jack
NIB (Network Interface Box)
NID (Network Interface Device)
CSU/DSU
used when troubleshooting a network issue
used to identify if the problem is with the NIC
tests NIC circuitry that sends and receives data within the NIC
does not check the actual connection pins
T1 (1.544 Mbps)
T3 (45 Mbps)
T1 and T3 connected telephone service to customer
is the device that connects the T1 or T3 to your network
channel service unit/digital service unit
A CSU/DSU is required on each end of the T1 or T3 line
many new routers have it built into them
European counterpart to T1 and T3 are E1 and E3
Carrier   Channels   Speed
T1        24         1.544 Mbps
T3        672        44.736 Mbps
E1        32         2.048 Mbps
E3        512        34.368 Mbps
Bonding
bond two NICs together as one single connection
physically add another NIC card on the computer, then make another cable connection to
the switch
aka Link Aggregation ; NIC Teaming
the Link Aggregation Control Protocol (LACP) controls how multiple network devices
operate as a single connection
802.3 Ethernet Standards**
10BaseT
Cable Type: Cat3 & Cat5
Max Distance: 100 meters
Bandwidth: 10 Mbps
100BaseTX
Cable Type: Cat5
Max Distance: 100 meters
Bandwidth: 100 Mbps
100BaseFX
Cable Type: Fiber Optic
Max Distance: 412 meters
Bandwidth: 100 Mbps
100BaseX
Cable Type: Fiber Optic
Max Distance: 70 km
Bandwidth: 1000 Mbps (1 Gbps)
1000BaseT
Cable Type: Cat5 & Cat5e & Cat6
Max Distance: 100 meters
Bandwidth: 1000 Mbps (1 Gbps)
1000BaseX
{Wireless}
802.11 Wireless Standards
802.11a
Frequency: 5 GHz
54 Mbps
Encryption
WEP (Wired Equivalent Privacy)
64-bit key
WPA (WiFi Protected Access)
128-bit key
WPA 2
256-bit key (best encryption)
Encryption Protocol
TKIP
AES
replaced TKIP
used in WPA2
best encryption
Extra Notes:
Packet Sniffer
used to capture network data
hardware or software device
Port Scanner
monitor traffic coming into and out of ports