CompTIA Network+ - Module 1 - Network Architecture
Wireless Topologies - Mesh Topology
"Internet of Things" wireless networks often use mesh networking. These are individual devices that are able to discover each other and use each other as a large cloud of devices. This allows these devices not only to self-form into this mesh cloud, they can also self-heal. If a device is disabled, they can simply use this large number of devices to route around the problem and enable communication using a different path.
Subnet Calculations - Example 3
192.168.4.77 is a Class C address so it will have a default subnet mask of 255.255.255.0. So 192.168.4 is the network part of the address, and the 77 as the host part. To find the network address, then, we're going to set all the host bits to 0. So the network address is 192.168.4.0. The first available IP address on the subnet will be 1 value larger than the network address, or 192.168.4.1. For the broadcast address, we change all the host bits to 1, making that decimal value 255, which means the broadcast address is 192.168.4.255. That also means if we subtract 1 from that, we have the last available host address on this network, or 192.168.4.254.
Tunneling IPv6 - 4to6 tunneling
4-to-6 tunneling works in a manner similar to 6-to-4 tunneling. However, instead of tunneling IPv6traffic through an IPv4 network, 4-to-6 tunnels IPv4 traffic through an IPv6 network by encapsulating IPv4 packets within IPv6 packets.
Tunneling IPv6 - 6 to 4 addressing
6to4 addressing is a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the IPv4 Internet) without the need to configure explicit tunnels. It creates an IPv6 address based on the ipv4 address and requires relay routers (using IP protocol 41). It has no support for NAT
Tunneling IPv6 - 6 to 4 addressing (Functions)
6to4 performs three functions: • Assigns a block of IPv6 address space to any host or network that has a global IPv4 address. • Encapsulates IPv6 packets inside IPv4 packets for transmission over an IPv4 network using 6in4. • Routes traffic between 6to4 and "native" IPv6 networks.
802.11 Characteristics - Bandwidth Chart
802.11a uses 20 MHz and 802.11b uses 22 Mhz. The modulation used for these two standards was slightly different, but the overall amount of bandwidth was very similar b/w them. 802.11g used the same frequencies as 802.11b. To increase output we would need to use more frequency ranges. And with 802.11n, we have either 20 Mhz or 40 Mhz channel bandwidth. That means with 802.11n running at 2.4 Ghz, a 40 Mhz channel would use 80% of the available frequencies in the 2.4 gigahertz range. To avoid some of those bandwidth shortcomings with 2.4 Ghz, 802.11ac standard uses 5 Ghz. And it will use, at a minimum, 40 MHz of a channel bandwidth. It can also increase that to 80 MHz channel bandwidth, and that's required for 802.11ac, and if you even wanted to increase it to 160 megahertz bandwidth, you would be able to move that much more data through your 802.11ac network.
Wireless Standards - 802.11ac
802.11ac (2014) operates in the 5GHz band exclusively. There are some 802.11ac routers that you'll see communicating in both five GHz and 2.4 GHz, but all of the 2.4 GHz communication is via 802.11n. Because there's no requirement to communicate in the very crowded 2.4 GHz band, you can use much larger bandwidths within 5GHz, w/ 160 MHz channel bandwidths. 802.11ac can also bond together individual channels to create larger channel bandwidths. There's also, a denser signaling modulation, which means you can send data much faster. With 8 multi-user MIMO streams on 802.11ac, you can, theoretically, support almost 7 Gbps of throughput on this wireless network.
Wireless Standards - 802.11b
802.11b (1999) was released simultaneously 802.11a. It uses the 2.4 GHz range to communicate. 802.11b communicated at a maximum possible throughput of 11 megabits per second, which was significantly different than the 54 megabits per second available with 802.11a. But 802.11b gave us effectively longer ranges because those 2.4 GHz frequencies would bounce off of objects, rather than being absorbed. When challenged with 802.11b and these 2.4 GHz frequencies, however, is there are a lot of other devices that are communicating at that frequency. Cordless phones, baby monitors, and Bluetooth communications all operate at 2.4 GHz and could potentially, create conflicts with the 802.11b communication.
Wireless Standards - 802.11g
802.11g (2003). It was considered an upgrade to 802.11b. It operates in the same 2.4 GHz range w/ 54Mbps throughput. This 802.11g standard was backwards compatible with 802.11b so if you installed an 802.11g access point, it could very easily also accommodate 802.11b clients. But you do have the same problem with frequency conflict because you're still communicating in the 2.4 GHz frequency range.
Wireless Standards - 802.11n
802.11n (2009) was an update for 802.11g, 802.11b, and 802.11a. 802.11n can operate at 5 GHz or 2.4 GHz. And these particular channel widths of 40 megahertz were much larger than the bandwidths available with previous versions of 802.11. 802.11n can support 600 Mbps, using this 40 megahertz channel width and four antennas, sending multiple streams of data simultaneously. 802.11n was the first version of 802.11 to use multiple input, multiple output, or MIMO, where you're able to send multiple streams of information over the same frequency, you just need multiple antennas and radios to be able to send that data.
IPv6 Subnetting - RIR
A Regional Internet Registry (RIR) is a not-for-profit organization that oversees Internet Protocol (IP) address space (IPv4 and IPv6) and the Autonomous System (AS) numbers within a specific geographical region. There are five regional RIRs across the globe: ARIN, RIPE, APNIC, LACNIC and AfriNIC.
Subnet mask
A Subnet mask is a 32-bit number that masks an IP address, and divides the IP address into network address and host address. ex. 255.255.255.0
VLAN Looping
A Switching loop or bridge loop occurs in computer networks when there is more than one Layer 2 (Physical) path between two endpoints. This causes the switches to send info back and forth forever as there's no counting mechanism anthem at a MAC layer. This can bring down a network quickly.
Broadcast Domains
A broadcast domain is a logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer. A broadcast domain can be within the same LAN segment or it can be bridged to other LAN segments. Routers and other higher-layer devices form boundaries between broadcast domains.
Collision Domains
A collision domain is, as the name implies, a part of a network where packet collisions can occur. Collisions are often in a hub environment, because each port on a hub is in the same collision domain. By contrast, each port on a bridge, a switch or a router is in a separate collision domain.
Multicast
A combination of broadcast/unicast that allows sending of packets to multiple interested parties. Ex. streaming. Limted scope and difficult to scale. IGMP is used on IPv4 networks. Multicast management on IPv6 networks is handled by Multicast Listener Discovery (MLD) which is a part of ICMPv6 in contrast to IGMP's bare IP encapsulation. Multicast in IPv4 uses the 224.0.0.0 - 239.255.255.255 range. SO any ip starting withis are using multicast
arp -a
A command Promptline function that show the local ARP table
Star Topology
A common network type in today's switch networks, where you have a centralized device- like a switch- and all of the devices are connected directly to that switch. The switch effectively, sits in the middle, and everybody else connects to it.
MTU - Fragmentation
A communication procedure in which IP datagrams are broken down into small packets, transmitted across a network and then reassembled back into the original datagram. If a datagram is being sent that is larger than the receiving server's MTU, it has to be fragmented in order to be transmitted completely. Fragmentation slows things down, requires overhead along the path and losing a fragment loses the entire packet. Also different devices have different MTUs, so it is sometimes difficult to know if framgnetation happened along the path. Determing the MTU along the info path is automated, but can be inaccurate especially when IMCP is filtered. You may have to maually configure the MTU values if that is the case
Community Cloud
A community cloud in computing is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third-party and hosted internally or externally. This is controlled and used by a group of organizations that have shared interest. The costs are spread over fewer users than a public cloud (but more than a private cloud),
Firewall Rules - Implicit Deny
A condition of most firewall rules that denies any traffic that doesn't meet any of the rules.
Bus Topology
A connection that all other devices connect to. Bus technology was in early networks, where we would have a single co-ax cable and connect all devices onto that co-ax cable so they could communicate to each other. This was an easy network to implement because you simply used a single cable that everyone would connect to, but if you did have a break in that cable, it would disable the entire network. One place you might find a modern bus technology is in your automobile. This is called a Controller Area Network, or a CAN bus type of network. And that's where all of the internal devices inside of your car are able to connect to this single bus and communicate between each other.
Ethernet Frame - Payload
A data unit on an Ethernet link transports an Ethernet frame as its payload.
Dynamic Routing Protocols - Distance vector routing protocols
A distance-vector routing protocol in data networks determines the best route for data packets based on distance. Distance-vector routing protocols measure the distance by the number of routers a packet has to pass, one router counts as one hop. This protocols has very little setup and is usually automatic. Is good for smaller networks but doesn't scale well. Examples include RIP and EIGRP.
Network Segmentation - LAN
A group of devices on a broadcast domain. Individual swtiches for broadcast domains work in small networks but are diffcult to scale up (too many switches to manage).
DHCP - Pool
A grouping of IP addresses that will be leased out by the DHCP server. There's usually a separate pool for each subnet that will be serviced by this DHCP server. It's usually a large contiguous range of IP addresses, but of course, certain IP addresses can be excluded from this pool.
Hybrid Cloud
A hybrid cloud is a model in which a private cloud connects with public cloud infrastructure, allowing an organization to orchestrate workloads across the two environments. In this model, the public cloud effectively becomes an extension of the private cloud to form a single, uniform cloud. A hybrid cloud deployment requires a high level of compatibility between the underlying software and services used by both the public and private clouds.
Hybrod routing protocols
A hybrid routing protocol has some characteristics of a link state routing protocol, and some characteristics of a distance vector routing protocol. An example of a hybrid routing protocol would be something like EIGRP.
IPv4 Networking - Loopback Address
A loopback address is an IP address that all devices happen to have internal to those devices, and they all happen to be using exactly the same loopback address range (ex. 127.0.0.1). You don't have to configure this address. There's no set up to make this particular address work. If TCP/IP is running on your computer, then your machine is going to have a loopback address inside of it.
Managing Traffic - Packet/Traffic Shaping
A means of data prioritization that allows you to set which data is more "important" via many different parameters (ex. appliocation, data type)
Mesh Toplogy
A mesh network is one that has many different links to be able to get to the same place. It might have all of the different locations connected to every other location. Or it might be a partial link, whereas some locations are connected to other locations. Commonly used if you wanted redundancy and fault tolerance. Or if you needed to balance load between multiple links. You often see mesh being used in Wide Area Networks. Since there are so many opportunities to have a link go down, you would have redundancy and a way to route around the problem using this mesh network topology.
Switch Interface Settings - Native frame
A native frame is a frame that doesn't have tag for a specific VLAN. Trunk ports will tag outgoing frames and remove the tag an incoming frames forwarding it to the correct VLAN. If a switch receives untagged Ethernet frames, they are forwarded to the VLAN that is configured on the switch as native VLAN. Both sides of the trunk link must be configured to be in same native VLAN.
STP Port States - Learning
A port changes to learning state after listening state. During the learning state, the port is listening for and processing BPDUs (Bridge Protocol Data Units). In the listening state, the port begins to process user frames and start updating the MAC address table. But the user frames are not forwarded to the destination. After 15 seconds, the switch port moves from the learning state to the forwarding state.
Port forwarding/Static NAT
A port forward is a way of making a computer on your home or business network accessible to computers on the internet, even though they are behind a router. It is commonly used in gaming, security camera setup, voice over ip, and downloading files. After you have forwarded a port you are said to have an open port. Also called Static/Destination NAT, and unlike other NATs it does not expire or timeout.
STP Port States - Blocking
A port in the blocking state does not participate in frame forwarding and also discards frames received from the attached network segment. During blocking state, the port is only listening to and processing BPDU (Bridge Protocol Data Units) on its interfaces. After 20 seconds, the switch port changes from the blocking state to the listening state.
STP Port States - Forwarding
A port in the forwarding state forwards frames across the attached network segment. In a forwarding state, the port will process BPDUs (Bridge Protocol Data Units), update its MAC Address table with frames that it receives, and forward user traffic through the port. Forwarding State is the normal state. Data and configuration messages are passed through the port, when it is in forwarding state.
STP - Blocking Ports
A port that is blocked by STP in order to prevent a loop
Public Cloud
A public cloud is one based on the standard cloud computing model, in which a an independent, third-party provider, such as Amazon Web Services (AWS) or Microsoft Azure, makes owns and maintains compute resources that its general public customers can access over the internet, such as virtual machines (VMs), applications or storage. Public cloud services may be free or offered on a pay-per-usage model. Public cloud users share these resources, a model known as a multi-tenant environment.
DNS - DNS Database - A Records
A records (IPv4) or AAAA records (IPv6). are used to associate the domain name with an IP address. Shown is an example with www.professormesser.com. There's also a specification of the class of this record (usually internet class). This is an A record, so this will be an IPv4 address. And you can see the IPv4 address is also included as part of this record that associates this IP address with www.professrmesser.com. You can also add a semi-colon at the end of the record to designate a comment, so that you can add other contexts to this particular record.
DNS - Reverse Lookup Zone
A reverse lookup is the opposite of a forward lookup: It returns the fully qualified domain name of a host based on its IP address. To enable a reverse lookup for a particular IP address, all you have to do is create a PTR (Pointer Record) in a reverse lookup zone. Reverse DNS is important for one particular application. Many e-mail servers on the Internet are configured to reject incoming e-mails from any IP address which does not have reverse DNS. So if you run your own e-mail server, reverse DNS must exist for the IP address that outgoing e-mail is sent from. It does not matter what the reverse DNS record for your IP address points to as long as it is there. If you host multiple domains on one e-mail server, just setup reverse DNS to point to whichever domain name you consider primary.
Default Route
A route when no other route matches (aka "route of last resort"). This can be used for example in a remote site with only one route in/out. It can dramatically simplify the routing rtpocess and works with other routing methods.
DHCP - Scope
A scope is a list of the IP addresses that will be available for devices on a particular IP subnet. This may also include subnet mask information. You'll specify how long these IP addresses will be leased for, and you may also include other IP configurations, such as a DNS server, a default gateway, WIN servers, and other IP address configuration details.
VLAN Trunking
A single physical connection between swtiches that is able to transmit multiple VLANs. Trunk links are required to pass VLAN information between switches.
Circuit Switching
A type of communications in which a dedicated channel (or circuit) is established for the duration of a transmission. The most ubiquitous circuit-switching network is the telephone system. No one else is able to use the resources along the circuit you built (which in inefficient). But this also means the connection is always there and can't be monopolized by anyone else.allows
Ethernet Frame
A typical ethernet frame consists of 7 parts: - The Preamble - The SFD - Source Frama Delimiter - The Destination MAC Address - The Source MAC Address - The Ethertype (type of data in payload) - The Payload (Layer 3 and higher data) - FCS - Frame Check Sequence
Virtual Private Cloud
A virtual private cloud (VPC) is a hybrid model of cloud computing in which a private cloud solution is provided within a public cloud provider's infrastructure. VPC is a cloud computing service in which a public cloud provider isolates a specific portion of their public cloud infrastructure to be provisioned for private use. The VPC infrastructure is managed by a public cloud vendor; however, the resources allocated to a VPC are not shared with any other customer.
Physical network Map
A visual representation of a computer or telecommunications network. It shows the components that make up a network and how they interact, including routers, devices, hubs, firewalls, etc. Depending on its scope and purpose, a network diagram may contain lots of detail or just provide a broad overview. For instance, a diagram of a LAN might could show the IP addresses of individual computers, while the diagram of a MAN (metropolitan area network) could represent buildings or areas with a single node.
Internet of Things - Z-Wave
A wireless comm. technology that is used in security systems, and home/business automation. Z-Wave is often used in locks, security systems, lighting, heating, cooling and home appliances. Support can be integrated in products or added by retrofitting standard electronics and devices. Z-Wave communications use low-power radio signals in the 900MHz range, separated from Wi-Fi. The system supports automatic discovery of up to 230 devices per controller. Multiple controllers can also communicate with one another and pass commands to support additional devices. Z-wave is optimized for low latency, with data rates of up to 100KB/s.s
Internet of Things - ANT/ANT+
ANT or ANT+ wireless network protocol. These use the 2.4 gigahertz ISM band. Common with fitness devices and heart rate monitors. These use a completely different type of networking than your 802.11 or your Bluetooth, but they are using 2.4 gigahertz ISM band. These frequencies, of course, could be jammed, and ANT and ANT+ don't require any type of encryption to be able to communicate between all of these devices.ANT or ANT+ wireless network protocol.
ACL
Access Control Filter: Used to allow or deny traffic across a network, it's also used with NAT, QoS etc... ACLs are commonly configured on routers and can evaluate (deny or admit) traffic on certain criteria (ex. Source/Dest. IP, TCP/UDP Numbers, etc..)
ARP
Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network. Determines the MAC address of devices based on their ip.
STP Port States - Listening
After blocking state, a Root Port or a Designated Port will move to a listening state. All other ports will remain in a blocked state. During the listening state the port discards frames received from the attached network segment and it also discards frames switched from another port for forwarding. At this state, the port receives BPDUs from the network segment and directs them to the switch system module for processing. After 15 seconds, the switch port moves from the listening state to the learning state.
NDP Functions - IPv6 Config
After learning IPv6 network prefixes using Neighbor Discovery Protocol (NDP) Router Solicitation & Router Advertisement messages, IPv6 devices can autoconfigure an IPv6 address by self generating the host part of the IPv6 address by using EUI-64 method.
Subnetting - Classless Addressing
All IP addresses have a network and host portion. In classful addressing, the network portion ends on one of the separating dots in the address (on an octet boundary). Classless addressing uses a variable number of bits for the network and host portions of the address. Classful addressing divides an IP address into the Network and Host portions along octet boundaries. Classless addressing treats the IP address as a 32 bit stream of ones and zeroes, where the boundary between network and host portions can fall anywhere between bit 0 and bit 31.
NTP - Why it's Important
All of the devices on our network have their own clock. This would be every server, router, switch, workstation etc.... There are usually log files, authentication details, anything dealing with logging of information is all using the date and time that is gathered from this clock information. So, having this synchronized across all of these devices is very important. That would allow you to compare log files across multiple devices to track exactly what's going on in your environment. And, of course, you would like this to occur automatically. You don't want to have to go into every single device and update the clock or have to update the clock every time the device is rebooted.
SNMP v2
Allowed for bulk transfer of data, along with other improvements. However the date it was still sent "in the clear" (unencrypted).
IP address
An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing.
SDN: Orchestration
An SDN is can be orchestrated. This means that you can programmatically configure how things occur on the network, and often this can be done automatically. For example, an SDN may be constantly monitoring part of the network, and if the network becomes congested or needs more resources, those resources can be deployed automatically.
SDN: Neutrality
An SDN is vendor neutral. You don't have to have 100% of any particular vendor's products, and a lot of the SDN associated control standards are publicly available as an open standard. A lot of this SDN functionality is enabled, because we virtualized a huge portion of our infrastructure. We have servers and routers and firewalls and switches that are now in a virtual world, which allows us a lot of control over what we can do with those devices.
PDU examples
An ethernet PDU is a frame of data (ethernet has no idea what's inside that frame). An IP PDU operates on a packet of data (IP has no idea what's inside that packet). For TCP/UDP the PDUs are TCP segments and PDU datagram
802.11 Characteristics - MIMO - Signal Diversity
Antenna diversity, also known as space diversity or spatial diversity, is any one of several wireless diversity schemes that uses two or more antennas to improve the quality and reliability of a wireless link. ... This is because multiple antennas offer a receiver several observations of the same signal.
FTP Web Browsers as FTP Client
Any web browser can also function as an FTP. Simply type ftp:// and your target ip/website.
PDU - OSI layer
As data moves through the OSI layer, PDUs for each layer are added on. In example, the data has TCP (OSI L4), IP (OSI L3), and a frame header/trailer (OSI L2) added before transmission (which are then stripped off on the other end).
NDP - NS/NA Example
As with RS/RA, a workstation will send out a Neigbor Solicitation (NS), and any other devices on the network will send back a Neighbor Advertisement (NA). NS is also used to test for duplicate IPv6 addresses
IPv6 Subnetting - Framework
Assigning IPv6 subnet addresses on your network is very similar to the process of assigning IPv4. So in our network, we might have four different subnets that are connected to each other that need IPv6 network addresses, and we'll simply apply our 2600 DDDD 1111 1, 2, 3, and 4 with a /64 subnet mask to provide addressing for our IPv6 networks.
OSI Model - Layer 5 (Session Layer)
At the Session Layer we start dealing with all applications communicate across a network. At lower levels of the OSI model, there is no permanent connection but rather a series of short bursts of data being sent back and forth. The session layer maintains a conversation over many of these bursts of data. Control and tunneling protocols are used in this layer
ICMP v6: RA and RS
At the highest level, we can separate IP devices into two groups: hosts and routers. Both participate in the use of the internetwork, but they have different roles. An important IP principle related to this division is that routers take care of routing—moving data between networks—while hosts generally don't need to worry about this job. Hosts rely on the routers on their local networks to facilitate communication to all other hosts except those on the local network. The implications of this are clear: a host cannot really use an internetwork until it knows the identity of at least one local router, and the method by which that router is to be used. In IPv4, a technique known as router discovery was invented, which provides a means by which a host can locate a router and learn important parameters related to the operation of the local network. Router discovery in IPv6 works in a very similar manner, by having routers send Router Advertisement messages both on a regular basis and in response to hosts prompting for them using Router Solicitation messages. The router discovery function has been incorporated into the Neighbor Discovery (ND) protocol, where it is part of a larger class of tools that I call host-router discovery functions.
DNS Process - Step 9: Browser Starts TCP Handshake
At this point the OS, now in possession of www.professormesser.com's IP address, provides the IP to the Application (browser), which initiates the TCP connection to start loading the page.
DNS Process - Step 8: DNS Resolver Response to OS
At this point the resolver has finished the recursion process and is able to respond to the end user's operating system with an IP address.
IPv4 Adressing - APIPA
Automatic Private IP Addressing: When you've configured a workstation for DHCP and no DHCP server is available. An APIPA address is formed that allows the workstation to at least communicate to local devices is created. APIPA is a type of link-local address, and although this device would not be able to communicate through a router, it would still be able to communicate to all other devices on its local IP subnet. The APIPA address range is 169.254.0.1 - 169.254.254.255. So when a device, which normally would get an IP address from DHCP cannot communicate to that server. It will simply pick one of these addresses inside of this range. This device then sends an ARP request to the network to make sure no one else on the sub that happens to be using this particular IP address, and then assigns this address if nobody responds
AS
Autonomous System: a collection of connected IP routes/routing prefixes under the control of one or more network operators on behalf of a single administrative entity/domain that presents a common, clearly defined routing policy to the Internet.
BOOTP
BOOTP (Bootstrap Protocol) is a protocol that lets a network user be automatically configured (receive an IP address) and have an operating system booted (initiated) without user involvement. The BOOTP server, managed by a network administrator, automatically assigns the IP address from a pool of addresses for a certain duration of time. BOOTP didn't automatically define everything and didn't know when an IP was available again so it was replaced by DHCP
IPv6 Compression - Leading Zeros
Because of their long bit lengths, IPv6 addresses tend to contain a lot of zeros. When a section of an address STARTS with one or more zeros, those zeros are nothing more than placeholders. So any leading zeros can be suppressed. Look at this address: FE80:CD00:0001:0CDE:1257:0000:211E:729C In this address, any leading zero within a section could be suppressed. The result would look like this: FE80:CD00:1:CDE:1257:0:211E:729C
IPv4 Adressing - DHCP Pool
Before our workstation was turned on, our DHCP servers were configured with a list of available IP addresses that could be assigned to other devices on this network. We call this a pool of IP addresses, and it's very common to configure multiple pools of IP addresses for these DHCP servers. This pool of available IP addresses will shrink and grow again based on how many people are on the network and how many may have left the network. And if you visit a network a second time, your IP address may change depending on what IP addresses are available in that pool.
Internet of Things - Bluetooth
Bluetooth is a telecom spec that describes how mobile devices, computers and other devices can easily communicate with each other using a short-range wireless connection. Bluetooth technology requires that a low-cost transceiver chip be included in each device. The transceiver transmits and receives on a 2.45 GHz band. In addition to data, up to three voice channels are available. Each device has a unique 48-bit address from the IEEE 802 standard. Bluetooth connections can be point to point or multipoint. The maximum Bluetooth range is 10 meters. Data can be exchanged at a rate of 1 megabit per second -- up to 2 Mbps in the second generation of the technology. A frequency hop scheme allows devices to communicate even in areas with a great deal of electromagnetic interference. Built-in encryption and verification is provided.
EGP - BGP
Border Gateway Protocol: Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. The protocol is classified as a path vector protocol. Many org's use BGP as their EGP
SAN vs NAS: Bandwidth
Both NAS (Network Attached Storage) and SAN (Storage Area Network) require enough bandwidth to be able to support the reading and writing of this data across the network. So it's very common to connect these types of storage systems over high speed network topologies.
ICMP Characteristics
CMP is not a transport protocol that sends data between systems. While ICMP is not used regularly in end-user applications, it is used by network administrators to troubleshoot internet connections in diagnostic utilities including ping and traceroute.
CAN
Campus area network: usually a group of buildings that are close enough that you could extend network connections so that all of the buildings would effectively be on the same network. It's common in these CANs to connect all of these buildings together with fiber and be able to run high speed ethernet. It makes sense to have the highest line rates you can between these buildings. One of the nice things about a campus area network is that you usually have the ability to put your own conduit in between the buildings and run your own fiber. You don't have to pay a monthly cost to a service provider. You can simply connect two switches at the end of the fiber and now your two buildings are connected directly with each other.
DNS - CNAME
Canonical Name Record: used when we want to associate a number of different names with an existing device. You would add the alias to something that already exists. For example, if you had a device called mail.mydomain.name, you could also call this the ftp server for ftp.mydomain.name, www.mydomain.name. Your DNS server will recognize that this is a canonical name. It will associate it with the primary name of this device and then perform the proper lookup.
CSMA/CD - CS
Carrier Sense: The device checks if there's a carrier, a signal available that can be used to send data
Classful Subnetting: Subnet Classes IP Ranges
Class A subnet masks are IPs that begin with 1- 126, w/ a default subnet mask of 255.0.0.0. Class B IPs begin with 128-191 as the first octet, with a default subnet mask of 255.255.0.0. Class C IPs start with 192-223, w/ a default subnet mask of 255.255.255.0.
QoS - (CoS)
Class of Service: a way of managing traffic in a network by grouping similar types of traffic (for example, e-mail, streaming video, voice, large document file transfer) together and treating each type as a class with its own level of service priority. It works on OSI Layer 2, with prioritization via a 3-bit ethernet frame header in an 802.1Q trunk. It is ususally applied on the intranet (not from an ISP
IPv4 Subnet Masks - CIDR
Classless Inter-Domain Routing: a set of Internet protocol (IP) standards that is used to create unique identifiers for networks and individual devices. In CIDR the first part of an IP address is a prefix, which identifies the network. The prefix is followed by the host identifier so that information packets can be sent to particular computers within the network.
Managing Cloud Security - CASB
Cloud Access Security Broker: a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure. A CASB acts as a gatekeeper, allowing the organization to extend the reach of their security policies beyond their own infrastructure. CASBs work by ensuring that network traffic between on-premises devices and the cloud provider complies with the organization's security policies. Major CASB vendors include: Bitglass. Blue Coat (owned by Symantec) CloudLock (owned by Cisco) and Microsoft (through Adallom acquisition).
Resource Management - Cloud
Cloud based resources are much more modular than hosted or on premise resources. You can build out application instances and tear them down instantly. As you need more resources, more CPU time, more memory, more disk space, you can simply request that from the cloud and allocated to your application. If we're using an application that's located somewhere physically different than where we happen to be, there's probably a significant security concern about that communication.
Cellular Network Standards - CDMA
Code Division Multiple Access: With CDMA everyone's communicating over the same frequencies but each call is using a different code and the phone on the other end is filtering out all of the information that it doesn't need to hear. This was a standard commonly used by Verizon and Sprint and all of those handsets were controlled by that network provider. In the United States there wasn't much adoption outside of Verizon and Sprint for CDMA.
CSMA/CD - CD
Collision Detect: a transmitting data station that detects another signal while transmitting a frame, stops transmitting that frame, transmits a jam signal, and then waits for a random time interval before trying to send that frame again.
Packet Switching - Common Technologies
Common packet switching technologies are the SONET, the ATM networks of today, DSL links, frame relay, MPLS, the cable modems that we might have in our business or at home, satellite connections, wireless, and many of the other local area network based technologies
Dynamic Routing Protocols - convergence
Convergence is the state of a set of routers that have the same topological information about the internetwork in which they operate. For a set of routers to have converged, they must have collected all available topology information from each other via the implemented routing protocol, the information they gathered must not contradict any other router's topology information in the set, and it must reflect the real state of the network. In other words: In a converged network all routers "agree" on what the network topology looks like.
Dynamic Routing Protocols - convergence time
Convergence time is a measure of how fast a group of routers reach the state of convergence. It is one of the main design goals and an important performance indicator for routing protocols, which should implement a mechanism that allows all routers running the protocol to quickly and reliably converge. A larger network will converge more slowly than a smaller one.
Firewall Rules
Could be considered a type of ACL, uses multiple groupings/categories called tupples to allow/deny traffic. Firewall rules follow a logical path, the firewall check data against each rule sequentially to see if it matches. The rules can be general or specific which specific rules usually at the top of the list.
NDP Functions - DAD
DAD (Duplicate Address Detection) is a Neighbor Discovery Protocol (NDP) mechanism to detect whether duplicate IPv6 addresses exist in an IPv6 network. DAD (Duplicate Address Detection) is useful, because IPv6 has many address autoconfiguration mechanisms.
IPv4 Adressing - DHCP
DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to dynamically assign an Internet Protocol (IP) address to any device, or node, on a network so they can communicate using IP. DHCP automates and centrally manages these configurations. DHCP will assign new IP addresses in each location when devices are moved from place to place, which means network administrators do not have to manually initially configure each device with a valid IP address or reconfigure the device with a new IP address if it moves to a new location on the network.
DHCP Management
DHCP allows you to manage all the configuration data for your devices from your DHCP server (instead of having to go to each device).
DHCP (Dynamic and Pooled)
DHCP is dynamic (given IP automatically) and pooled (pulls IP from a set pool of available IP addresses in real time).
Port: udp/67, udp/68
DHCP: Dynamic Host Confirguration Protocol
DNS - Characteristics
DNS is a hierarchical system which follows a very specific path to be able to find exactly the server you're trying to locate. And it's a database that's very distributed. There are many DNS servers around the world. There are over 13 clusters of root servers at the core of DNS, and you often find generic top-level domains like a .com, a .org, or a .net. And there are also country code top-level domains for the US, Canada, UK, etc..
Port: udp/53
DNS: Domain Name System
IPv4 sockets (Ports)
Data being sent has a lot of identifying information. For the server receiving the information: Server IP address | protocol | server app port number For the sender you have: Client IP address | protocol | client port number.
DMZ
Demilitarized Zone: a special interface that allows outside access of certain resource in this DMZ which is separate from the rest of the network.
Logical Network Map
Describes the way information flows through a network. Therefore, logical network diagrams typically show subnets (including VLAN IDs, masks, and addresses), network devices like routers and firewalls, and routing protocols. In the (OSI) model, logical network diagrams correlate with the information contained in L3 (network layer) L3 is an abstraction layer that deals with packet forwarding through intermediate routers. To make a logical map you need special software; in Windows, you could use Visio. Mac OS has OmniGraffle. And there are also, third-party websites that allow you to create these graphics inside of your browser itself. Logical maps are good for showing how app data flow may be working. Or to see exactly how the network may be laid out across a large area.
802.11 Characteristics - Bandwidth
Different 802.11 standards will use different bandwidths in the 2.4 and 5GHz ranges. This is the amount of frequency you're using at any particular time.
TCP/UDP on the same ports
Different applications can use different versions of the same port number at the same time without conflict. For example you could be using UDP port 80 and TCP port 80 at the same time without issue.
Managing Traffic - Data Prioritization
Different types of data have different needs and properties. As such some data needs to be prioritized over other on the same network. For example, you would typically prioritize VoIP traffic (which is real time) over Youtube (which is buffered).
DiffServ
Differentiated services: a protocol for specifying and controlling network traffic by class so that certain types of traffic get precedence. It is the most advanced method CoS traffic management. For a given set of packet travel rules, a packet is given one of 64 possible forwarding behaviors - known as per hop behaviors (PHBs). A six-bit field, known as the Differentiated Services Code Point (DSCP), in the Internet Protocol (IP) header specifies the per hop behavior for a given flow of packets. The QoS bits are modified outside the application (usually with routers or firewalls). DiffServ works in OSI layer 3 and the routers apply the QoS
[nbtstat -c]
Displays the contents of the NetBIOS name cache, the table of NetBIOS names and their resolved IP addresses. This cache is erased regularly
[nbtstat -r]
Displays the count of all NetBIOS names resolved by broadcast and querying a WINS server.
Distributed Switching
Distributed switching is an architecture in which multiple processor-controlled switching units are distributed. There is often a hierarchy of switching elements, with a centralized host switch and with remote switches located close to concentrations of users.
Distributed Switching - Advantages
Distributed switching virtualizes the networking so that we're able to group together individual services into their own VLAN regardless of where the actual virtual machine happens to live. So if one web server moves from one virtualization platform to another, our networking configuration doesn't change at all, and there's no impact to any type of communication or connectivity, because this all runs in this distributed switching environment.
DNS - TXT Record - DKIM
Domain Keys Identified Mail: a type of TXT record that allows your mail servers to digitally sign outgoing mail. And when the external mail server receives this, they can confirm that this was, indeed, digitally signed by your mail server. You're effectively adding your public key into this particular DNS text record.
DNS
Domain Name Service - main function of DNS is to translate domain names into IP Addresses, which computers can understand. It also provides a list of mail servers which accept Emails for each domain name.
DNS - port
Domain Name System (Port: udp/53). Converts domain name into ip addresses (ex. google.com = 172.217.1.110). Computers do not communicate via domain names so DNS converts your websites into the IP address of the server you're trying to connect to.
DHCP
Dynamic Host Configuration Protocol: the primary/automatic configuration protocol for IPv4. DHCP runs at the application layer of the Transmission Control Protocol/IP (TCP/IP) protocol stack to dynamically assign IP addresses to DHCP clients and to allocate TCP/IP configuration information to DHCP clients. This includes subnet mask information, default gateway IP addresses and domain name system (DNS) addresses.
DHCP
Dynamic host configuration protocol (Port: udp/67, udp/68). DHCP automatically assigns you an IP and subnet mask when you first connect to a network. Each device "leases" and IP for a set time and has to renew periodically. DHCP
Dynamic Routing - Disadvantages
Dynamic routing uses bandwidth to send updates between the routers, and there is memory and CPU that's used inside the router to store the information. Also there's some initial configuration required
IPv6 Addressing - EUI-64 - Methodology
EUI-64 (Extended Unique Identifier) is a method we can use to automatically configure IPv6 host addresses. An IPv6 device will use the MAC address of its interface to generate a unique 64-bit interface ID. However, a MAC address is 48 bit and the interface ID is 64 bit. What are we going to do with the missing bits? We take the MAC address and split it into two pieces. We insert "FFFE" in between the two pieces so that we have a 64 bit value. We invert the 7th bit of the interface ID. So if my MAC address would be 1234.5678.ABCD then this is what the interface ID will become: 1234.56FF.FE78.ABCD
DNS Process - Step 5: TLD Server Response
Each TLD server holds a list of all of the authoritative name servers for each domain in the TLD. For example, each of the 13 .com gTLD servers has a list with all of the name servers for every single .com domain. The .com gTLD server does not have the IP addresses for professormesser.com, but it knows the location of professormesser.com's name servers. The .com gTLD server responds with a list of all of professormesser.com's NS records.
Frame Switching Between Bridges
Each switch has its own MAC address table (neither device knows what's in the other's table). The switch only knows where the next step is to forward frame, in this case the other switch. Once data is sent the first switch has compeleted it's operation.
IGP (IPv4/IPv6) - EIGRP
Enhanced Interior Gateway Routing Protocol: an advanced distance-vector routing protocol that is used on a computer network for automating routing decisions and configuration. Cisco propriatary and available only on Cisco routers.
Ethernet Frame - Ethertype
EtherType is a two-octet field in an Ethernet frame. It is used to indicate which protocol is encapsulated in the payload of the frame. The same field is also used to indicate the size of some Ethernet frames.
IPv4 Networking - IP Address
Every device needs a different IP address, and you'll see it represented as four separate values with a period in between. So 192.168.1.165 is a properly formatted IPv4 address. If you are configuring a layer 3 device, then you need more than just the IP address. You need both the IP address and the subnet mask to be able to communicate on a particular network.
IPv6 Addressing - EUI-64
Extended Unique Identifier (64 bit value): Used to created a modified version of a devices MAC addresses that is used to assign IP addresses with IPv6. This method is one that would allow all devices on the network to automatically configure themselves with a static IPv6 address that can be used to communicate worldwide. Obviously, the MAC address is 48 bits long, and we need 64 bits to be able to create the static IP version address. This means that we're going to need some extra bits to use for this particular static IP address. So we're going to use that MAC address, make a minor change to it, and take that 48-bit MAC address and create from that a 64-bit EUI.
EGP
Exterior Gateway Protocol: provides communication b/w autonomous systems (AS). It leverages the IGP at the AS to handle local routing
Port:tcp/20/21
FTP: File Transfer Protocol. TFTP does not have Authentication (username/password) or security (encryption). As such its not typically used on production systems
FTP
File Transfer Protocol (Port: tcp/20 [active mode data] & tcp/21 [control]). FTP is used transfer unencrypted files between systems. Active FTP servers receive commands on port 21 and respond with data on port 20. All of the other choices do not accurately describe how FTP uses ports 20 and 21. FTP authenticates with a username and password, and is fully featured like SFTP (allowing you to list add or delete files etc..) Filezilla is an example of an ftp server application
SNMP v1
First version of SNMP (Simple Network Management Protocol). Sent information via structured tables in an unencrypted form.
DNS Process - Step 1 - OS Query to DNS Resolver
Firstly, your OS queries a DNS resolver. The query the OS sends to the DNS Resolver has a special flag that tells it is a "recursive query." This means that the resolver must complete the recursion and the response must be either an IP address or an error. For most users, their DNS resolver is provided by their Internet Service Provider (ISP), or they are using an open source alternative such as Google DNS (8.8.8.8) or OpenDNS (208.67.222.222).
Default Route - Example
For "Jack's" nework a default route can be set up (since it has one connection out) to send all traffic to 10.10.40.1 (Router 1)
Subnet Calculations - Example 2
For 172.16.88.200. We need to find 172 is a Class B IP address. A Class B IP address will then use the default subnet mask of 255.255.0.0. So the subnet mask separates this IP address into 172.16 on our network side and 88.200 is the host side. To find the network address, we need to set the host values to 0, so the network address is going to be 172.16.0.0. To find the first available host on this network, we add 1 to the network address, so 172.16.0.1. To find the broadcast address, we set all those hosts bits to 1, meaning they will be 255.255, making the broadcast address 172.16.255.255. And the last available IP address will be 1 fewer than the broadcast address, making it 172.16.255.254.
IPv4 Subnet Masks - CIDR / Notation
For 255.255.255.0 there are 24 bits in this particular subnet mask, in these first three octets. As such we use the /24 to specify the number of bits. Because we use this slash to designate the number of bits that will be used for the subnet mask. So for a subnet mask of /24, we know that that is the size of the network and the remaining bits, which would be eight bits, in this case, would be the number of bits available for hosts.
Enterperise DHCP Needs
For DHCP in a large organization, there are a number of challenges you have to deal with. Ruters will stop these broadcasts from going through the network. So we need some way to be able to have centralized DHCP servers, but still able to maintain the DHCP requests for all of the different subnets on our network. We want redundancy with our DHCP servers. These are extremely important services, so we may want to have two or more of these servers running simultaneously. We also want to have scalable distribution of these DHCP servers. Some might be in the core of your network, but you also might want to have DHCP servers provided at remote locations, and it's very common to have these DHCP servers located on different IP subnets.
IPv4 Subnet Masks
For IPv4, a network may also be characterized by its subnet mask or netmask, which is the bitmask that when applied by a bitwise AND operation to any IP address in the network, yields the routing prefix. Subnet masks are also expressed in dot-decimal notation like an address. For example, 255.255.255.0 is the subnet mask for the prefix 198.51.100.0/24.
Cellular Network Standards - 4G/LTE
Fourth Generation of Long Term Evolution communication: Replaces CDMA and GSM. Based on the GSM and EDGE (Enhanced Data Rates) for GSM Evolution- and allows us to communicate with voice and data simultaneously over the same network. The original LTE standard supported 150 Mbps down and the latest version of LTE, LTE-A (LTE Advanced) has doubled that to support download speeds of up to 300Mbps.
Ethernet Frame - FCS
Frame Check Sequence: uses a Cyclic Redundancy Check (CRC) algorithm to detect transmission errors. The Frame Check Sequence field is filled (using a CRC) by the sending host. If the receiving host detects a wrong CRC, it will throw away that packet.
Full Duplex
Full duplex devices can send and receive data at the same time. Switches are full duplex devices (when properly configured), but can be configured to be half-duplex of connecting to another half duplex device.
DNS - FQDN
Fully-qualified domain name (FQDN) is that portion of an Internet Uniform Resource Locator (URL) that fully identifies the server program that an Internet request is addressed to. The FQDN includes the second-level domain name (such as "whatis.com") and any other levels (example, "www.whatis.com" or "www1.somesite.com"). The prefix "http://" added to the fully-qualified domain name completes the URL.
Switch Interface Settings - Speed and Duplex
Generally: Speed is set to 10/100/1000 Duplex can be set to half or full These settings can be done automatically or manually, which one is used both sides of the connection have to match.
Cellular Network Standards - GSM
Global System for Mobile communications. This had about a 90% coverage in the market. And that's because it was a standard almost everywhere in the world. In the US, AT&T and T-Mobile were provided the GSM standard. This also allowed you to take a SIM card out of one phone and move it to another phone. So anytime you needed to change telephones you could simply move your SIM card from phone to phone.
Port: tcp/80
HTTP: Hypertext Transfer Protocol
Port: tcp/443
HTTPs: Hypertext Transfer Protocol Secure
Half-Duplex
Half duplex devices cannot send and receive data simultaneously. All LAN Hubs are half duplex.
7 Second Subnetting Process - Example 2
Here is 165.245.12.88/26. Since it's /26 it falls into column 4. The first step is to convert the IP address and the mask to a decimal. We know we have the IP address of 165.245.12.88, but we've got this /26. So we need to use our first chart to find the /26. And you can see that the /26 is in this fourth column. That means that whatever value we find here, which happens to be 192, is what we're going to put into the fourth column of our subnet mask. So for our subnet mask, since this is in the fourth octet, 255.255.255.192 is the conversion for the /26. Notice that the number of addresses in the first chart is listed as 64 for a /26 mask. That means we need to go down to the second chart where we have listed out all the addresses. and find in that row where an 88 would fall. And in this particular case, it falls into this range 64-127. That will be very helpful when we start determining the beginning and end of the subnet. To calculate the network address. The general If the mask is 255, we bring down the address value into a column. If the mask is 0, we'll use a 0. For any other number, we refer to the chart. So for 255.255.255.192 we refer to our chart on that 64 row and determine where the 88 sits. And we know that that particular range starts at a 64. So our network address is going to be 165.245.12.64. The broadcast address is at the other end of this range (64-127) so it is 127. We know it's 127 because the next range, or the next subnet, starts at 128. So the broadcast address is 165.245.12.127. The first usable IP address and the last usable IP address is add +1 to the network address and we -1 from the broadcast address,respectively. Giving us 165.245.12.65, 165.245.12.126. And there's the answer for the subnet 165.245.12.88/26.
7 Second Subnetting Process - Example 4
Here is 18.172.200.77/11. To convert the /11 to decimal we need to find the 11 in our chart. It's in the second column. You can see the /11 is a 224 with 32 addresses per subnet. So if we write this in, it's 255.244 again. We put it in the second column because that's where we found the /11. Giving us 255.224.0.0. Now that we have the address and the subnet mask written in decimal, let's find the network address. We know that we're going to be using these 32 addresses per subnet. We're going to look at our row where the 32 is and we're going to look at our second column. That's where we found the /11. The address values 172. So we need to find in our 32 row where the 172 happens to be. And it's in the range 160-191. Well, now we have the values we need to calculate the network address and the broadcast address. With the 160 we'll bring down the 18. We'll use the 160. And of course, where there's is a 0 we bring down the 0 for the network address. GIving us 18.160.0.0. For the subnet address, we use the last value that's in this range, which is a 191. So it would be 18.191. And of course, where there are zeros we bring down the 255 giving us 18.191.255.255 for our broadcast address. And for the last step where we want to find the first usable IP address and the last usable IP address, we'll add 1 to the network address and subtract 1 from the broadcast address. That makes our first usable IP 18.160.0.1 and our last IP is 18.191.255.254.
OSI in the Real World
Here is a rundown of the OSI layers as used:
7 Second Subnetting Process - Example 3
Here we have 165.245.12.88/20. We need to convert that /20 a decimal. /20 is in the third column of our chart. That means that the 240 is going to fall into the third column of the subnet mask. Giving us 255.255.240.0. We also know from our chart that there are 16 addresses in this subnet. So if we look at our row in the second chart where all of the 16 delineations are, we need to find that number for that third column. Everything focuses on the column where that value is a little bit different. So that 12 that is in the address needs to be put into this row where there's all the 16's. 12 is in the first section of the row since it's b/w 0 and 15, So we know now what the exact range is going to be for the network address and for the broadcast address. So we want to be able to bring down any of the network addresses where the mask is 255. If the mask is 0, we use a 0. But for that column that has that 12, we know that it's actually going to start this range at 0. So our network address is going to be 165.245.0.0. For the broadcast address if there's a 255 we bring down the address. If there is a 0, we bring down a 255. But again, we've got this third column. So we need to look to see what our range is for this column. And because it is the 16's, we know that it goes from a 0 to a 15. So we can look at our chart and know immediately it's 165.245.15.255 is our broadcast address. From here, to calculate the first usable IP and the last usable IP, we're simply adding 1 and subtracting 1, which makes our first IP 165.245.0.1 and the last IP is 165.245.15.254.
IPv4 Subnet Masks - CIDR to Binary Example 1
Here we have the CIDR block notation, and we want to convert back the decimal representation of that. We have a /26 as our subnet mask. In decimal form, there are 26 ones and then the remaining zeros for the subnet mask. If we look at our reference chart, we know that all ones is 255, and then two ones at the beginning would be 192, making this subnet mask 255.255.255.192. 26 bits for the network address and six bits for the host on each network.
DNS - SRV Example
Here's a service record that you use for Windows devices to find an Active Directory controller. You can see the service is ldap, the protocol name is tcp.domain.com in this example. The time to live (TTL) is 300 seconds. This is the internet class. It is an SRV or service record. There's priority and weight values, a port number, and then the target that allows you to associate this particular service with a particular device.
IPv6 Subnetting - IPv6 Subnetting Example
Here's an IPv6 address that we built using the scheme from our ISP, 2600 DDDD 1111 0001. The 2600 DDDD 1111 is from the ISP and can't be changed they're are also considered to be the global routing prefix, and it's 48 bits long. We can assign subnets to this particular network. So we're going to subnet further, taking the next 16 bits and allocating those for network IDs. Those are going to be locally assigned by us once it's been given to us by the ISP. All of the remaining bits in this IPv6 address are all the host ID. It's 64 bits long for the host ID. So if we've got a network that we numbered number 1, we can obviously build out networks 2, 3, 4, 5, and so on. And each one of those networks will have 64 bits that we could use for host values. Tthese 16 bits allow us to subnet out 65,536 separate networks (16^4). With the 64 bits left for the host ID, we can fit about 18 million trillion hosts per subnet.
DNS - Hierarchy
Here's an example of DNS hierarchy. At the top are common TLDs (top level domains) such as .com, and .net. Underneath .com, you might have another domain name such as professormesser (this is the secondary domain name). Combining the two gives you professormesser.com. Of course, at professormesser there may be a web server and that web server's name may be www. But there may also be a mail.professormesser.com, an east.professormesser.com, and a west.professormesser.com. And you can have servers that were one level down from that. So there may be an ethan.west.professormesser.com and so on.
DNS - TXT Record - DKIM Protocol Example
Here's an example of a DKIM (bottom sheet in slide) text records in a DNS, which shows the domain key information for professormesser.com. This is a text value. And you can see the entire public key is listed under this DKIM1 value. This allows third-party mail servers that have received a digitally signed email from my mail server to get the public key and validate that signature.
DNS - TXT Record - SPF Protocol Example
Here's an example of a SPF (top sheet in slide) text records in a DNS. It contains information that tells other mail servers what the valid mail servers will be for professormesser.com. So I list out my domain name, professormesser.com. I've got a timeout value of 300 seconds. This is a text record, and there's the SPF information. Third parties will be able to look at this text record on my DNS server, and see that if mail is coming from mailgun.org, than it is authorized as a mail server for professormesser.com.
IPv6 Addressing - Modifying the MAC Address - Conversion Chart Example 3
Here's another MAC address that starts a0:21:b7. So that 0 is the one we're most interested in, and you can see the corresponding value would be a 2. That means the first three bytes of the EUI-64 would be a221:b7. We'll put the ff:fe in the middle and then finish with the last half of the MAC address.
HTTP
Hypertext Transfer Protocol (Port: tcp/80) . HTTP (Hypertext Transfer Protocol) is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. Info via HTTP is not encrypted.
HTTPs
Hypertext Transfer Protocol Secure (Port: tcp/443) . HTTP (Hypertext Transfer Protocol) is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) securely on the World Wide Web. Info sent via HTTPs is encrypted.
ICMP
ICMP (Internet Control Message Protocol) is an error-reporting protocol network devices like routers use to generate error messages to the source IP address when network problems prevent delivery of IP packets. ICMP creates and sends messages to the source IP address indicating that a gateway to the Internet that a router, service or host cannot be reached for packet delivery.
802.1Q
IEEE 802.1Q (aka Dot1q) is the networking standard that supports virtual LANs (VLANs). The standard defines a system of VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. A VLAN header is added to the data.
Port: tcp/143
IMAP4: Internet Message Access Protocol
IPAM
IP address management: allows you to manage all of your IP addressing, your DHCP servers, and you can track and see exactly how much of which IP address pools are being used. You know what IP addresses are being used during what part of the day, and you can see all of the user to IP address mappings. From a DHCP management perspective, you can understand exactly what type of DHCP reservations are configured. You can see how much of your IP pools are in use. You could see if there's any problems or shortages for IPv4/v6 DHCP on a single console.
IPv6
IPv6 addresses are 128-bit written in hexadecimal and separated by colons (ex. 3ffe:1900:4545:3:200:f8ff:fe21:67cf.) The replacement for IPv4 (which is a 32 bit address), IPv6 is a 128-bit address.
Connecting to the Cloud - Direct Connection
If security is the utmost importance, you may want to have all of that cloud based instance occur inside of your own facilities, and you'll have a direct connection, usually a high speed connection, into your own private cloud.
Subnet Construction - Host Address
If the very first IP address on a particular IP subnet is the network address, then one that is just one number above that is the first usable host address. So if you've calculated the network address, it's very easy to find the first usable host address. You just add one to the IP address. Conversely, you can find the network address by determining the first usable host address and subtracting one from that.
STP - Reconfiguring Ports
If there is a physical change on a network STP can reconfigure itself (changing port types as needed), in order to restore function across the network wehile still maintaining a loop fre environment.
Connecting to the Cloud - SSL/TLS
If we're using an application that's located somewhere physically different than where we happen to be, there's probably a significant security concern about that communication. If you're using a browser based application, it's common to use SSL or TLS encryption to be able to have an encrypted tunnel between your device and the application.
Wireless Topologies - Ad-hoc Topology
If you don't have to have an access point to be able to communicate with 8.02.11. You could have devices communicating directly with each other, without putting an access point in the middle. We call this ad hoc networking. You don't need any additional hardware. You simply configure both end stations to communicate to each other over this wireless frequency.
Connecting to the Cloud - VPN
If you have an entire site of people that need secure access into this cloud based application, you may want to enable VPN connectivity where you create an entire tunnel for everyone to use to communicate back and forth to the cloud based system. This type of implementation commonly needs some additional firewalls or dedicated hardware to provide the VPN, and you have to coordinate that VPN connectivity with the third party cloud provider.
Circuit Switching - T1/E1/T3/T3
If you lease a connection, those are circuit switch. So a T1, E1, T3, or E3 type connection can be use circuit switching, where we build the connection, and it's always going to be there.
IPv4 Subnet Masks - Binary to CIDR Chart
If you only have eight bits available in each octets, there's only a certain number of combinations of these binary to decimal representations you can have. For example, all zeros would obviously be zero. A one and all zeros is going to be 128. Two ones and all zeros is 192 and so on.
IPv6 Subnetting Example - Subnet Notation
If you were to write out this IPv6 subnet address, then you'd have 2600 DDDD 1111 a 1, and then all zeros. You can also abbreviate or compress this IPv6 subnet address as 2600:DDDD:1111:1:: and then /64 to designate what the subset mask might be for this IPv6 address.
External DNS
If you're an organization that doesn't need an internal DNS server, you might want to use an external DNS. A good example are the ones that are managed by Google on their Google DNS or Quad9. These external DNSs will obviously not have any information about any internal devices, but you're able to use and maintain those external resources without having to run your own server internally in your organization.
NTP Internal Server/Client
If you're configuring NTP on your network you may want to have an internal NTP server. This is a server that is in charge of the clock for all of the devices that need to get updates. And as an NTP server, it does not modify its own time. An NTP client is a device that will request these times from the NTP server and then update their clocks accordingly. Sometimes a device can be both an NTP client and an NTP server. So it can update its time based on the time that may be available on a more accurate NTP server and then it can provide those updates to other NTP clients on your network. If you're planning to configure this on your network then you need to decide what devices will be NTP clients, which will be NTP servers, and which devices may be both an NTP client and an NTP server.
802.11 Characteristics - Directional Antennas
If your access point is on one side or the other of where you need the signal to go. In those cases, you may want to use a more directional antenna. If you needed to send information between buildings or you had an access point at one end of the hall and you needed to provide signal across the rest of the hallway, you may want to use a directional antenna. We usually measure the performance of these antennas in decibels. So if you have an antenna that doubles the amount of effective power, then we say that you're doubling this by three db.
802.11 Characteristics - MU-MIMO - 802.11ac Throughput
In 802.11ac, we were provided with multi-user MIMO, which meant that we could use multiple streams to send data over the same frequency to multiple clients simultaneously. So you could have a couple of streams of data going to a laptop, you could have a stream of information going to your mobile device, and another stream going to this television, all using the same frequencies simultaneously on this 802.11ac network.
IPv4 Networking - Reserved Addresses
In IPv4, there's a block of addresses that will never be used on any layer 3 device. These are reserved addresses, and they range between 240.0.0.1 through 255.255.255.254. These are The range of addresses between 224.0.0.0 and 224.0.0.255, inclusive, is reserved for the use of routing protocols and other low-level topology discovery or maintenance protocols, such as gateway discovery and group membership reporting.
Half Duplex Ethernet - Collision
In a half duplex Ethernet network, a collision is the result of two devices on the same Ethernet network attempting to transmit data at exactly the same time. The network detects the "collision" of the two transmitted packets and discards them both.
Ring Topology
In a ring topology, all of the devices are connected to each other in a ring form. We used have token ring network as very popular local area networks, but now, you would see ring networks and things like Metropolitan Area Networks and Wide Area Networks. It's common to see these ring networks implemented as dual-ring networks. That way if there is a break in the network, it can loop onto itself for fault tolerance and maintain the uptime of the entire ring by providing that loop onto itself.
Resource Management - On Premise
In a traditional deployment model, all of the hardware was private, it was in your own data center, and it was on your premise. You had complete control of all of the hardware, all of the software, and the location where all of that information was located.
SOHO LAN Setup
In a typical SOHO setup the router connects connects to the internet (via modem etc...) and creates and access point (for wireless), and using a switch (external or internal) provides wired access to devices connected.
Enterprise Network Setup
In an enterprise setting, there is not much that is different that a SOHO setting. It is scaled up however, with multiple router switches and modems. A central core or switches is located somewhere in the infrastructure. Enterpise networks can connect multiple buildings. But it all breaks down to the same setup.
CSMA/CD
In computer networking (half-duplex), Carrier Sense Multiple Access With Collision Detection (CSMA/CD) is a network control protocol in which (a) a carrier sensing scheme is used (CS - Carrier Sense) and (b) a transmitting data station that detects another signal (CD - collision detect) while transmitting a frame, stops transmitting that frame, transmits a jam signal, and then waits for a random time interval (known as "backoff delay" and determined using the truncated binary exponential backoff algorithm) before trying to send that frame again.
Distance vector routing - Hops
In distance vector routing protocol, a "hop" is a router on the path.
Network Segmentation - Virtual LAN
In larger networks domains are separated logically instead of physically. You reduce the hardware and still achieve network separation.
DNS Process - Recent Access
In most cases, if the user has recently accessed URLs of the same domain, or other users relying on the same DNS resolver have done such requests, there will be no DNS resolution required, or it will be limited to the query on the local DNS resolver.
OSI Layer 4
In the OSI model the transport layer is often referred to as Layer 4. This layer manages packetization of data, then the delivery of the packets, including checking for errors in the data once it arrives.
Link state routing - example
In the example shown, link state would choose R2 - R3 - R1 as the route because unlike distance vector protocols link state take the speed of the connections into account, and finds the best path forward
Subnetting - Calcuating Available Classless Subnets Example 3
In this case, we have 172.16.55.0/21. The /21 at the end means that we've got 21 subnet bits that are set, and the rest of the bits would be 0. We know that the 172 at the beginning of this IP address means that this is a Class B address, w/ a 16 bits subnet mask. 21 -16 leaves 5 bits to use as subnetting bits, with 11 left for the hosts. If we perform our calculation for the subnet, we've got 5 bits available. So 2^5=32. We could create 32 individual networks from this particular subnet mask. For the hosts it would be 2^11=2048-2=2,046 devices per subnet.
DHCP Relay Example - Setup
In this example Sam is sending a message to Jack. Notice that the only DHCP server on this network is over on the same subnet that Sam happens to be on, but there are a number of routers between Jack and that DHCP server. So we're going to configure that first router that's closest to Jack with a DHCP relay IP address, and we'll tell it that the DHCP server that will be provided for this subnet is located at 10.10.99, which is also the IP address of this DHCP server.
IPv6 Subnetting - IANA Subnetting
In this example, ARIN, the North American RIR has been given 2600 as the prefix. ARIN then further subnets that for individual ISPs. An ISP might be provided 2600 and then four Cs, 2600 quad D, 2600 quad E. And the ISPs can now start subnetting from there for their customers. ISP number 2 may have different customers, customer 1, 2, and 3, and they may provide customer 1 with an IPv6 range of 2600 DDDD 1111. The next customer for that ISP might get 2600 DDDD 2222. And the next might get 2600 CCCC 3333
IPv6 Subnetting Example - Network vs Host
In this example, comparing it to IPv4. The first half of the IPv6 address, the first 64 bits, are effectively the prefix or the network address. And then the last 64 bits would be dedicated as the host part of the IPv6 address.
CSMA/CA - Hidden Node
In wireless networking, the hidden node problem or hidden terminal problem occurs when a node is visible from a wireless access point (AP), but not from other nodes communicating with that AP.
Internet of Things - Infrared
Infrared is used in mobile phones, our tablets, and our smart watches. Although in the past, we used infrared for file transfers and printing, the most common use these days of infrared is to control an entertainment center all by using your mobile device. Infrared has max distance of about 1 meter with a max speed of 1 Gbps, also infrared used light and is line of sight.
IaaS
Infrastructure as a service: is when you're provided all the hardware, and then it's up to you to make everything else happened. Also known as aka hardware as a service, because you've outsourced the hardware, but you're handling all of the operating systems, all of the management of the devices and all of the security of your data. With IaaS, all of your data is still out in the cloud, but you have a little bit more control about how that data is used. Many web server providers provide infrastructure as a service where they will provide you with a system and maybe an operating system, and then it's up to you to load all of the other software and applications you need on that infrastructure as a service. Amazon Web Services, and Microsoft Azure are example of IaaS
802.11 Characteristics - Channels
Instead of us having to remember the exact frequency in the 2.4 gigahertz or 5 gigahertz frequency range, the IEEE standards have grouped together these frequencies into channels. It makes it very easy to reference when you're configuring a wireless access point.
Circuit Switching - ISDN
Integrated Services Digital Network: ISDN is a bit of an upgrade from the telephone. But it is still dialing a phone number and creating a circuit. And that is what you're going to send the data over an ISDN network.
IGP
Interior Gateway Protocol: a type of protocol used for exchanging routing information between gateways (commonly routers) within an autonomous system (for example, a system of corporate local area networks). This routing information can then be used to route network-layer protocols like IP.
IPv6 Subnetting - IANA
Internet Assign Numbers Authority: the organization under a contract from the U.S. government that has overseen the allocation of Internet Protocol addresses to Internet service providers (ISPs). IANA also has had responsibility for the registry for any "unique parameters and protocol values" for Internet operation. These include port numbers, character sets, and MIME media access types.
IMAP4
Internet Message Access Protocol (Port: tcp/143). An Internet standard protocol used by e-mail clients to retrieve e-mail messages from a mail server over a TCP/IP connection. It includes the management of email inboxes from multiple clients
Data Transport Structure
Internet Protocol consists of Ethernet header and trailer, a TCP and IP section and the data being sent (payload). The data section follows the header. Its contents are the payload data carried for the application. The data (payload) is encasuplated with TCP, which is then encapsulated within IP, and then within IP protocol. (for example in the picture HTTP data is the payload)
IPv4
Internet Protocol v4. The original internet addressing system is called 'Internet Protocol, Version 4' (IPv4). (ex. 192.168.1.131). IPv4 addresses are 32-bit numbers that are typically displayed in dotted decimal notation. A 32-bit address contains two primary parts: the network prefix and the host number. All hosts within a single network share the same network address.
IPv6 Subnetting - ISP
Internet Service Provider: An ISP (Internet service provider) is a company that provides individuals and other companies access to the Internet and other related services such as Web site building and virtual hosting.
ISL
Interswitch Link: Legacy trunking protocol. Predates 802.1Q
SNMP v3
Introduced authentication, encryption and message integrity checks
IPv6 Networking - Loopback Address
Ip iPv6 the loopback address is ::1
Port: tcp 389
LDAP: Lightweight Directory Access Protocol
Port: tcp/636
LDAPs: Lightweight Directory Access Protocol Secure
OSI Model - Layer 1 (Physical)
Layer 1 (the physical layer) defines electrical and physical specifications for devices. The physical layer defines the relationship between a device and a transmission medium, such as a copper or optical cable. Issues with cabling, having to patch panels, and adapters happen at this layer
DHCP Lease Process
Let's say that we're on a laptop that has received an IP address and the lease time is eight days, the T1 timer, by default, will try to perform a renewal timer after 4 days (50% of the least ttime), and it will try rebinding or use the T2 timer after seven days. So if four days goes by and into the fifth day, this device will try to check back in and renew the T1 timer, updating itself on that original DHCP server, and start the timer back again. Let's say that DHCP server suddenly becomes unavailable, and we go past the 50% mark. Now when we finally get to the 87 and 1/2 percent or seven days into this particular lease, it will try to rebind itself with some remaining DHCP server on the network, and if that's successful the process is reset and the timer begins counting forward again.
Subnetting - Defining VLSM
Let's take a network 10.0.0.0. Its traditional class A, subnet mask is 255.0.0.0. This is referred to as Classful addressing, b/c it's based on that class A, subset mask. In binary 255.0.0.0 has eight 1s at the beginning and all 0s after that. In decimal, this is a /8 subnet mask. Based on the subnet mask, then, we have 8 bits for the the network and 24 bits for the host address. But it would be very unusual to have millions of hosts on a single subnet. Instead, let's borrow some of those bits, to be able to make the number of networks larger and perhaps the number of hosts on a network a little bit smaller. So instead of applying all 24 of these bits, let's back out a few of those and leave 8 bits at the end. If we do that, then we have a network that is still 8 bits long. We've borrowed 16 of those bits that were left in the host part of the address, and we will use those for different subnets. And then we have 8 bits left over for the host that we would use on each one of those subnets.
Subnetting - Calcuating Available Classless Subnets Example 1
Lets use the IP address 10.1.1.0/24. If we were to write out the /24 subnet mask, we have 24 1s, and then eight 0s at the end. We know that, because this IP address starts with a 10, that this is traditionally a Class A. So we start with those first eight bits that are associated with a Class A, subnet mask. We are then going to move our bar down to 24 bits, giving us 16 bits to calculate different subnets and, we have the 8 bits at the end that we'll use to assign to different devices on each individual IP subnet. To determine the total subnets we could create we use 2^16 or 65,536 possible networks that you could create from this subnetting. For the hosts we've got 8 bits available so we use the formula 2^host bits - 2, so 2^8 - 2 or 256 - 2 = 254. So the total number of hosts that we could have on any of these individual subnets is 254 maximum hosts.
LDAP
Lightweight Directory Access Protocol (Port: tcp 389). The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that is used to connect to, search, and modify Internet directories.
LDAPs
Lightweight Directory Access Protocol Secure (Port: tcp/636). Same as LDAP but uses SSL (Secure Sockets Layer) to secure the information.
IPv6 Addressing - DHCPv6 Process
Like DCHP in IPv4, assigning in IPv6 has 4 steps. The first is a DHCPv6 solicit message to a multicast address in a particular UDP port looking for DHCP servers. Then the DHCP server receives that multicast and responds back with a DHCPv6 advertised message with an associated IP address. The DHCP client will receive the list of all of the different advertisements from all of the DHCP servers on that subnet, choose one, and then send back a DHCPv6 request message. The DHCP server responds with a DHCv6 reply message, at which point that workstation will configure itself with the IP version address that was assigned by the DHCP server.
IPv6 Addressing - DHCPv6
Like with with IPv4, we can use DHCP in IPv6. With IPv6, though, every device has already been assigned a link local address. You'll see those links local addresses all start with fe80, and every interface that is configured for IPv6 will automatically have a link local address associated with it (link local addresses are made using the MAC Addresses). Because there is an IP address that we can use to communicate locally, we don't need to send this information out using broadcasts. This DHCP communication can be sent with multicast, using UDP port 546/547.
LACP
Link Aggregation Control Protocol: use to specify ports for linking switches. This increases bandwidth
Link state routing protocols
Link state routing is a complex routing technique in which each router shares information with other routers about the reachability of other networks and the metric to reach the other networks in order to determine the best path. Unlike distance vector link state takes into account the speed, distance and state on the link. Link state protocols are very scalable and send information about directly connected links to all the routers in the network. Examples of Link state routing protocols include OSPF - Open Shortest Path First and IS-IS - Intermediate System to Intermediate System.
LAN
Local area network: is a group of computers/devices that share a common communications line or wireless link to a server. Typically, a LAN encompasses computers and peripherals connected to a server within a distinct geographic area such as an office or a commercial establishment.
7 Second Subnetting - "Borrowing" Bits and doubling Sunbets
Look at the chart given, you'll notice there are certain patterns in the math. For example, a 255.255.255.0 subnet mask is a single subnet and it's a range between 0 and 255. If we grab 1 extra bit off the end and make it 255.255.255.128, it effectively cuts that in half. So we have a range between 0 and 127, and another range between 128 and 255. If we borrow another bit and make it adopt 192 at the end, you'll notice we cut it up again into smaller pieces where you're separating these in half every single time.
MTU - TroubleShooting
MTU sizes are usually configured once. VPNs cause MTUs because you have to add additional headers. Some apps use the DF (Don't Fragment) to prevent fragmentation, which can cause it issues and prevent transmission
DNS - MX records
Mail Exhange Record: an extremely important record that allows third parties to be able to find your local mail servers. In your DNS configuration file, the MX record starts with the IN (internet) class. It is an MX record. And then you put the name of the mail server. Later in the configuration, you'll find the name of that device is listed with an "A" record that will specify the IP address of that mail server.
Internal DNS
Many organizations will maintain an internal DNS. That's because there are internal servers that you need to have some type of reference to that you may not want to make public on an external DNS server. These internal DNSs are usually installed and maintained by your local network team, and it usually is going to have your internal information that no one else should have access to. It's very common, for example, to run a DNS service on a Windows Server so that you're able to keep up with all of the different Windows devices on your internal private network.
Trunking Between Swtiches
Many routers have separate access and trunking ports.
MTU
Maximum Transmission Unit: A maximum transmission unit (MTU) is the largest packet or frame size, specified in octets (eight-bit bytes) that can be sent in a packet- or frame-based network such as the internet. The internet's transmission control protocol (TCP) uses the MTU to determine the maximum size of each packet in any transmission
MAC Address
Media Acces Control Address: The "physical" address of a network adapter. It is unique to every device. Is 48 bits (or 6 bytes) long and is diaplayed in hexadecimal.
IPv6 Addressing - MAC Address
Media Access Control address: the physical address that's associated with the network interface card on your Ethernet network. Also referred to as an EUI-48 address associated with the 48 bits of the MAC address. There are also two halves to the MAC address. The first three bytes are the OUI (Organizationally Unique Identifier), which tells the manufacturer. The last three bytes will be unique to your network interface card.
MAN
Metropolitan Area Network: a network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large LAN but smaller than the area covered by a WAN. The term is applied to the interconnection of networks in a city into a single larger network (which may then also offer efficient connection to a wide area network). It is also used to mean the interconnection of several local area networks by bridging them with backbone lines. The latter usage is also sometimes referred to as a campus network.
PoE - Mode A
Mode A utilizes data pairs 1-2 and 3-6 to deliver power. Data signals cannot interfere with power signals since both signals are at opposite ends of the electromagnetic spectrum.
PoE - Mode B
Mode B on the other hand, utilizes its "spare pairs" to supply power. The power sourcing equipment applies a positive voltage to pins 4- 5 and a negative voltage to pins 7-8. Cable with "spare pairs" are usually running at lower speeds
CSMA/CD - MA
Multiple Access: Signifies that there is more than one device on the network
802.11 Characteristics - 802.11n - MIMO
Multiple input, Multiple output: an antenna technology for wireless communications in which multiple antennas are used at both the source (transmitter) and the destination (receiver). 802.11n introduced MIMO. With 802.11ac, we improved on MIMO by introducing multi-user MIMO where we could send data to multiple users simultaneously over the same frequencies.
Multiplexing
Multiplexing (or muxing) is a way of sending multiple signals or streams of information over a communications link at the same time in the form of a single, complex signal; the receiver recovers the separate signals
NAT Overload/PAT
NAT Overloading or Port Address Translation (PAT) is a modified form of dynamic NAT where the number of inside local addresses is greater than the number of inside global addresses. Mostly, there is just a single inside global IP address providing Internet access to all inside hosts.
NDP Functions - Discovering Network Prefixes
NDP is used to automatically discover IPv6 network prefixes where the host belongs to, by using Router Solicitaion & Router Advertisement messages.
NDP Functions - Discovering Routers
NDP is used to automatically discover routers in an IPv6 network using Router Solicitation (RS) & Router Advertisement (RA) messages.
NDP Functions - Discovering Routers Example
NDP uses a RS (Router Solicitation) multicast [ff02::2] to look for all local routers. When a router " hears" this. It sends back a RA (Router Advertisement) unicast frame with its MAC address
NTP OverView
NTP, allows us to configure our devices with an NTP server and then they can check in to that NTP server to update their clocks on a regular basis. This is an extremely accurate way of updating these clocks. Usually, the accuracy is better than one millisecond when you're updating the clocks with an NTP server on your local network.
Port: udp/123
NTP: Network Time Protocol
DNS - NS records
Name Server Records: configuration details for additional name servers on the domain. The format of a name server record would specify the class of this record, which is internet. This is the name server record, or NS. And then you'll list out the names associated with those name servers. Later on in the configuration, you can find A, or address records, that will associate the name of the name server to a specific IP address.
[nbtstat]
Nbtstat is a diagnostic tool for NetBIOS over TCP/IP. It is included in several versions of Microsoft Windows. Its primary design is to help troubleshoot NetBIOS name resolution problems
Internet of Things - NFC
Near Field Communication: Commonly found in phones. It's a two-way communication, and it's usually implemented as a way to provide payments using your mobile phone. It is used to help with the pairing process for Bluetooth. And in some environments, you can use NFC as an access token. So you can use your mobile phone to allow you access into a room with an electronic lock. NFC runs on the 13.56 MHz frequency, has a range of about 4 cm and a transfer speed of 424 Kbps
NDP
Neighbor Discovery Protocol: is used to identify the relationships between different neighboring devices in an IPv6 network. Many important functions of IPv6 like resolving MAC address of an IPv6 Address (in IPv4, ARP is used for this), Router Discovery etc., are now performed using NDP which operates using multicast with ICMPv6. This replaces Ipv4 ARP
NDP - NS
Neighbor Solicitation: used by nodes to determine the link layer address of a neighbor, or to verify that a neighbor is still reachable via a cached link layer address.
NDP - NA
Neighbor advertisements are used by nodes to respond to a Neighbor Solicitation (NS) message.
NAT
Network Address Translation: Network Address Translation (NAT) is the process where a network device, usually a firewall, assigns a public address to a computer (or group of computers) inside a private network. The main use of NAT is to limit the number of public IP addresses an organization or company must use, for both economy and security purposes. One Internet-routable IP address of a NAT gateway can be used for an entire private network. Home/SOHO routers have NAT turned on by default, while SOHO routers do not
NAS
Network Attached Storage: If you're plugging in a hard drive to your network, you may be connecting a NAS. This is a type of storage that allows us to store files across the network on this remote storage device, and we usually refer to this as file level access. If you need to change part of a file, you need to replace the entire file on the network attached storage device.
NTP
Network Time Protocol (Port: udp/123). NTP is a protocol designed to synchronize the clocks of computers over a network. This is very important for authentication, outage details, and log files. Very accurate (>1 ms on LAN)
Ephemeral Ports
Non-permanent ports, from 1024 - 65535. That are used randomly by the client or an application on the client
DNS - Forward Lookup Zone
Normal DNS queries are forward lookup queries, they request the IP address that corresponds to a fully qualified domain name (FQDN).
Switch Interface Settings - Tagged/Untagged VLANs
Normally a trunk port sends and receives 801.Q VLAN tagged Ethernet frames. If a switch receives untagged Ethernet frames, they are forwarded to the VLAN that is configured on the switch as native VLAN. Both sides of the trunk link must be configured to be in same native VLAN.
Distance vector routing - example
Notice in the example the higher speed connections from R2 to R3 to R1 (1 Mbps), speed does not matter to distance vector protocols only distance (# of hops) so the slower (100 Mbps) R2 to R1 connection is used.
Dynamic Routing Protocols - standard vs proprietary protocols
OSPF and RIP are examples of standard protocols. Other options such as EIGRP are proprietary (CISCO)
802.11 Characteristics - Omnidirectional Antennas
Omnidirectional distribute the wireless signal evenly on all sides of that antenna. This would allow you to put the wireless access point in a central location and you'd have effectively the same signal strength on all sides of that access point. You may run into a challenge, however, if your access point is on one side or the other of where you need the signal to go. In those cases, you may want to use a more directional antenna.
802.11 Characteristics - 802.11 a/b/g Single Antenna
On 802.11a, b, and g, there was one antenna on the access point and one antenna on the client. The communication occurred over a single frequency from one device to the other.
Distributed Switching - Example
On this network we have the physical world that has a physical switch, and of course, we have servers that we've built to host these virtualized environments. In the virtual world on top of those servers, each one of these may have a web server, a database server, and a test server along with hundreds of other servers that may be running in that virtual world.
CSDMA/CA
On wireless networks a sedning station cannot ""hear" other stations. So CD (collision detection) is not possible. Instead CA(collision avoidance) is used. Collision avoidance uses RTS/CTS (Ready to Send/Clear to Send) to make sure the path between the sending and receiving stations is clear for transmission of data
NTP - Configuration
On your client workstations you generally would configure your NTP client, which may specify an IP address or the domain name of a particular NTP server. And if this is inside of your network you may want to specify your own internal IP addresses. You can also use multiple NTP servers just in case one of those is not available. If this NTP service is going to be on your own internal network you'll need at least one NTP server to act as the clock source. You'll also specify in the configuration of that NTP server what stratum this device happens to be. So, if a client has the choice of synchronizing itself with an NTP server that has a stratum level of two and another NTP server that has a stratum level of one it will choose to synchronize itself with the server that has the lower stratum number or the stratum level one.
Broadcast
Once device sends info to every device on the network. It has a limited scope (broadcast domain) , and is used for routing updates, and OS system updates. Not used in IPv6 (multicast instead)
SDN: Programming
One of the key features of an SDN is that it's directly programmable. This data plane is completely separate from the control plane, so you can make configuration changes or look at log information, and that's a completely separate process than the ongoing operation of the data plan. SDN's are also agile. That means that we can make changes on the fly at any time.
Internet of Things - 802.11
One of the most common internet of things technologies is our 802.11 wireless networks. We use them in our home, we use them at work, and we use them everywhere else as well. This is an IEEE standard. It's managed by the IEEE 802 committee. There have been many updates to 802.11 over time, it is a very popular wireless technology. If you want to be sure that your Wi-Fi devices will be able to communicate with each other, you need to look for the Wi-Fi trademark on the devices, which help ensure that all of these will be able to interoperate with each other.
DNS - DNS Database - A Records Example
One of the most important roles of a DNS is the one where we are associating an IP address with a fully qualified domain name. And if we look at this section of the lookup file, you'll see there are some machine names and you'll see IP addresses associated with those machine names. Let's break out these individual address resource records. These address records are called A records or quad A records.
Unicast
One station sending info to another station (always 2 devices). Ex. web surfing, file transfers. Not good for activities where you have to connect to multiple device at once (ex. streaming) b/c you would have to set to set up a connection to each device.
7 Second Subnetting Process - Tool 1 - CIDR to Decimal Chart
One the left are 4 columns, and each associated with one of the octets of the IP address. Column 1 is /1 through /8, /9 through /16 in the second, /17 through /24, and /25 through /32 in the fourth column. EACH COLUMN TELLS YOU WHICH OCTET THE SUBNET MASK ENDS IN AND WHAT THE NUMBER IN THE LAST OCTET IS Then I want to calculate how many Networks will be available in each one of these. So in the networks colums I start with 2, and then I multiply that by 2 each time. 2,4.8.... to 256. Then I create an Addresses column, and start at the bottom with the number 1. And again, I'm doubling each time. I double to 2,4,8,16... to 128 addresses. And now the final column(in the middle), which is going to help me make that conversion between the CIDR block notation and the decimal notation. I'll start with 128 at the top, and then I'll add the next row in the addresees columd (in this case 64) and move down. So adding as you goi is 128+64=192. 192+32=224. 224+16=240. Until you get to the bottom with 255.
802.11 Characteristics - Yagi Antenna
One type of high-gain directional antenna is the Yagi antenna (top left) where you have the single antenna and multiple reflectors along the side that allow you to focus the signal.
802.11 Characteristic - Directional Antennas Types
One type of high-gain directional antenna is the Yagi antenna where you have the single antenna and multiple reflectors along the side that allow you to focus the signal. Another type of directional antenna is the parabolic antenna. This allows you to reflect a signal off of a curved surface and reflect it into a single feed horn, allowing you a very good way to have a directional signal between two devices.
IGP (IPv6) - OSPFv3
Open Shortest Path First version 3 (OSPFv3) is an IPv4 and IPv6 link-state routing protocol that supports IPv6 and IPv4 unicast address families (AFs)
IGP (IPv4) - OSPFv2
Open Shortest Path First: OSPF uses a link state or shortest path first algorithm. OSPF's most significant advantage compared to RIP is the reduced time needed to converge after a network change. In general, OSPF is more complicated to configure than RIP and might not be suitable for small networks.
OSI Model
Open Systems Interconnection model. Defines a networking framework to implement protocols in layers, with control passed from one layer to the next. It conceptually divides computer network architecture into 7 layers in a logical progression. The lower layers deal with electrical signals, chunks of binary data, and routing of these data across networks. Higher levels cover network requests and responses, representation of data, and network protocols as seen from a user's point of view.
Miredo
Open source version of Toredo for use on Linux Mac OS and other operating systems.
OUI
Organizationally Unique Identifier: first 3 bytes of the MAC Address that identifies the manufacturers.
SDN: Control Plane vs Data Plane
Originally, SDN focused solely on separation of the control plane of the network, which makes decisions about how packets should flow through the network from the data plane of the network, which actually moves packets from place to place. When a packet arrives at a switch in the network, rules built into the switch's proprietary firmware tell the switch where to forward the packet. The switch sends every packet going to the same destination along the same path, and treats all the packets the exact same way. In SDN, packet handling rules are sent to the switch from a controller, an application running on a server somewhere, and switches (also known as data plane devices) query the controller for guidance as needed, and provide it with information about traffic they are handling. Controllers and switches communicate through a controller's south bound interface, usually OpenFlow, although other protocols exist.
Port: tcp/110
POP3: Post Office Protocol v3
Packet Switching
Packet switching is how we think of networking today. We take our data, we put it into a wireless network, or a wired network, and we send the traffic on its way, and it finds its way to its destination. This might be data, it might be video, it might be voice- doesn't matter. We're sending this data out over the network and it's finding its way and switching based on what's in the packet. Usually this media is over a network that is shared with everyone else.
802.11 Characteristics - Parabolic Antenna
Parabolic antennas allow you to reflect a signal off of a curved surface and reflect it into a single feed horn, allowing you a very good way to have a directional signal between two devices.
Non-ephermeral ports
Permanent port numbers, from 0 - 1023 that are used by specific servers or services. (ex. TCP 22 - SSH, TCP 443 - HTTPs)
PAN
Personal Area Network: the interconnection of information technology devices within the range of an individual person, typically within a range of 10 meters. For example, a person traveling with a laptop, a personal digital assistant (PDA), and a portable printer could interconnect them without having to plug anything in, using some form of wireless technology. Typically, this kind of personal area network could also be interconnected without wires to the Internet or other networks.
Circuit Switching - POTS/PSTN
Plain Old Telephone Service - The most ubiquitous circuit-switching network is the telephone system, which links together wire segments to create a single unbroken line for each telephone call. Also called Public Switched Telephone Network (PSTN)
PaaS
Platform as a service: is one that also has no physical servers in your environment. You don't have to maintain any software, have a maintenance team or a data center. Someone else is handling the platform in the cloud, and you handle all of the development processes. As with Saas, the PaaS environment is handled by a third party. You're not responsible for maintainenance. There's trained professionals that are in charge of watching over all of your systems and making sure that everything is secure. Unlike software as a service, a platform as a service offering is one that's giving you a sandbox where you can build your own applications. They're usually providing you with modular building blocks that you could use to put together the perfect application for your use. A popular example of platform as a service is salesforce.com that allows you to take all of the modular pieces that are available on their platform and build your custom application.
DNS - PTR
Pointer Records: used to perform the reverse of an A or a AAAA record. In the configuration of our DNS, we would list out the IP addresses associated with these devices. We would specify that these are PTR or pointer records, and then we would provide the fully qualified domain name of these devices.
Port Mirroring
Port Mirroring, also known as SPAN (Switched Port Analyzer), is a method of monitoring network traffic. With port mirroring enabled, the switch sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packet can be analyzed. Port Mirroring function is supported by almost all enterprise-class switches
Ports
Ports tell the receiving system which application the data is destined for. Some ports are fixed (ex. Port 80 - HTTP) and some change be changed depending on the program.
POP3
Post Office Protocol v3 (Port: tcp/110). Basic mail transfer functionality. Your e-mail client (ex. Outlook Express) can connect to your POP3 e-mail server and download the messages from the POP3 text file onto your PC. That is about all that you can do with POP3.
PoE
Power over Ethernet: any of several standard or ad-hoc systems which pass electric power along with data on twisted pair Ethernet cabling. Power over Ethernet (PoE) can transmit power up to 100 meters.
Private Cloud
Private cloud is a type of cloud computing that delivers scalability and self-service, but through a proprietary architecture. Unlike public clouds, which deliver services to multiple organizations, a private cloud is dedicated to the needs and goals of a single organization. A private cloud is created and maintained by an individual enterprise. The private cloud might be based on resources and infrastructure already present in an organization's on-premises data center or on new, separate infrastructure. In both cases, the enterprise itself owns and operates the private cloud.
PDU
Protocol Data Unit: Information that is transmitted as a single unit among peer entities of a computer network. A PDU may contain user data or control information and network addressing. Each PDU works at different OSI levels for different things
[nbtstat -R]
Purges and reloads the remote cache name table
QoS
Quality of Service: the process of controlling traffic flows across a network. There are many different methods of implemeting QoS overmany different topologiesways to do this (some routers provide this capability
Port: tcp/3389
RDP: Remote Desktop Protocol
CSMA/CA - RTS/CTS
RTS/CTS is an additional method to implement virtual carrier sensing in Carrier sense multiple access with collision avoidance (CSMA/CA).
Internet of Things - RFID
Radio frequency identification: used everywhere in our daily life. It's used in our access badges and inventory tracking. And some of us even have RFID tags inside of our pets. RFID tags are usually not powered devices. They're powered using the radio energy that is sent to the tag. It powers up the tag, and the tags sends back an ID over this wireless communication. This is a bidirectional communication, and you can find some RFID tags that do use a powered or active format as well.
RSTP
Rapid Spanning Tree Protocol (aka 802.1w), an updated STP that brings down setup time from 30 - 50 seconds for the normal STP to 6 seconds. Is backwards compatible with the normal 802.1D STP so you can mix both on your network. Setup is very similar to STP so updating from STP is easier.
IPv6 Compression - Double Colons
Real IPv6 addresses tend to contain long sections of nothing but zeros, which can also be suppressed. For example: FE80:CD00:0000:0000:0000:0000:211E:729C In this address, there are four sequential sections separated by zeros. Rather than simply suppressing the leading zeros, you can get rid of all of the sequential zeros and replace them with two colons. The two colons tell the operating system that everything in between them is a zero. The address shown above then becomes: FE80:CD00::211E:729C 2 Rules to Remember: • You can suppress a section only if it contains nothing but zeros. • Second, you can use the double colon notation only once in any given address.
RDP
Remote Desktop Protocol (Port: tcp/3389). RDP allows you to remotely connect to a device. It's available natively on Windows, and allows you to connect to the entire desktop or a specific app. Other OSs have their own version, and there are specific programs that perform the same function (ex. Splashtop)
NDP Functions - Unsocilited RA messages
Routers occasionally send unsolicited ra messages from the multicast destination of ff02::1. These usually contain IPv6 address information prefix values/lengths and other information.
Dynamic Routing
Routers send routes to other routers, which are updated automatically in real time. They automatically bprivude subnet info allowing the best path to be determined. They can also chan
Broadcast Domain
Routers separate broadcast domains into by switch. So each switch becomes it own broadcast domain but is separated from any other switch's broadcast domain
IGP (IPv6) - RIPng
Routing Information Protocol next gen: RIPng is an extension of RIP for support of IPv6. The configuration of RIPng is requires at least two steps: 1. enable RIPng using the global configuration command ipv6 router rip tag. The tag is used to differentiate between multiple RIP processes. It does not have to be the same on all routers. 2. enable the routing protocol on the interface using the ipv6 rip tag enable. The tag has to match the one used in the ipv6 router rip tag command
IGP (IPv4) - RIP
Routing Information Protocol: Routing Information Protocol (RIP) is a dynamic routing protocol which uses hop count as a routing metric to find the best path between the source and the destination network. It is a distance vector routing protocol which works on the application layer of OSI model, using port number 520. Rip determines the best route via hop count,which is the number of routers occurring in between the source and destination network. The path with the lowest hop count is considered as the best route to reach a network and therefore placed in the routing table. RIP prevents routing loops by limiting the number of hopes allowed in a path from source and destination. The maximum hop count allowed for RIP is 15 and hop count of 16 is considered as network unreachable. With RIP: Updates (always broadcast) of the network routing info re exchanged periodically as full routing tables, and the routers always trust routing information received from neighbor routers. This is also known as Routing on rumours.
Dynamic Routing Protocols - Deciding a route
Routing protocols assign routes based on certain characteristics; such as the state of the link or how far away it is. Procotols apply a formula to the criteria to create a metric and then rank the route from best to worst
Port: tcp/22
SFTP: Secure File Transfer Protocol
Port: tcp/5060, tcp/5061
SIP: Session Initiation Protocol
Port: tcp/445
SMB: Server Message Block
Port: tcp/25
SMTP: SImple Mail Transfer Protocol
Port: udp/161
SNMP: Simple Network Management Protocol
Port: tcp/22 SSH
SSH: Secure Shell
Port: tcp/587
STARTTLS (legacy STARTTLS uses Port 465, but is no longer in use b/c of conlficts with SMTP via SSL/TLS using the same port)
STARTTLS
STARTTLS is an email protocol command that tells an email server that an email client, including an email client running in a web browser, wants to turn an existing insecure connection into a secure one. (By the way, the use of "TLS" in the STARTTLS command name does not mean that it only works with the TLS security protocol. It works with SSL too.) STARTTLS uses port 587
Subnetting - VLSM Purpose
Say you had the network 10.0.0.0/8- that would be a traditional class A network- we could use variable length subnet masks to have many different kinds of networks, all with different masks. For example, you might have 10.0.1.0. That network has a 24-bit subnet mask. And you might also have a 10.0.8.0 network with a 26-bit subset mask. Those differences in the subnet masks and the ability to design our network in a way that makes sense for what we're doing, rather than designing it around limitations of an IP address or, what we call, variable length subnet masks.
SFTP
Secure FIle Transfer Protocol (Port: tcp/22). Uses SSH (on the same port) to transfer encrypted files. It also allows you to resume interrupted transfers, provide directory listings and remove files remotely
SSH
Secure Shell (Port: tcp/22) Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network. Looks and acts the same as Telnet, but all the communication is encypted
SSL
Secure Sockets Layer (Port: tcp/443). A protocol for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data. SSL is the predecessor to Transport Layer Security (TLS).
DNS - TXT Record - SPF Protocol
Sender Policy Framework: a type of text message that helps prevent someone else from spoofing your domain name as emails are sent out across the internet.
Routing
Sending IP packets across the network, forwarding decisions are based on the destination IP address each router only knows the next step. The packet ask for "directions" at every stop, these "directions" are held in a routing table.
SMB
Server Message Block (Port: tcp/445). Used by Windows for file and printer sharing also called CIFS (common internet file system). Communicates directly over TCP/445 without NetBIOS transport. Allows communication directly between devices using the IP protocol.
DNS - SRV
Service Records: DNS records that can help you find particular services on your network. For example, you could make a SRV record that would allow Windows devices to find Windows domain controllers on the network, or so that voiceover IP devices can find the centralized voiceover IP controller on your network.
SIP
Session Initiation Protocol (Port: tcp/5060, tcp/5061). A communications protocol for setting up and managing multimedia communication sessions. The most common applications of SIP are in Internet telephony for voice and video calls (VoIP), as well as instant messaging, over Internet Protocol (IP) networks. It allows for added features such as video conferencing, IMs, and file transfers.
DHCP - Windows DHCP Example
Shown is a DHCP server running on a Windows Server. This one provides DHCP services for the G1.SGC.LocalDomain, and these are the parameters for IPv4 IPs in my DHCP server. I've created a single scope for this server, which is servicing 165.245.44. The scope includes an address pool (a list of available IPs). We have address leases, so we can see exactly what devices have been provided an IP. I can provide reservation, so I can associate a single IP with a Mac address and automatically configure that using DHCP, and then I have a section for scope options to provide additional details for these IP leases.
DHCP - Static Allocation Examples
Shown is a DHCP server running on a wireless router, and it also provides static allocations. It calls these address reservations, you can add an IP address, add a device name, and specify the Mac address of that device. So if this DHCP server sees this Mac address on the network, it will provide a DHCP address that's specified in the address reservations, rather than pulling in a address from the available pool.
DNS - FQDN Example
Shown is a fully qualified domain name that has everything within professormesser.com. Within there may be the web server for www.professormesser.com. We may break out these domains even further to have a west.professormesser.com and an east.professormesser.com. And there may be servers that exist in these different regions, and we can specify their fully qualified domain name as ethan.west.professormesser.com and katie.east.professormesser.com.
SMTP
Simple Mail Transfer Protocol (Port: tcp/25). Used to SEND mail from a server to server or to send mail from a device to a mail server. Commonly configured on mobile devices and email clients
SMNP
Simple Network management protocol (Port: udp/161). Used mainly to query and get information from infrastructure devices.
SDN
Software Defined Network: In a software-defined network, a network administrator can shape traffic from a centralized control console without having to touch individual switches, and can deliver services to wherever they are needed in the network, without regard to what specific devices a server or other hardware components are connected to. The key technologies for SDN implementation are functional separation, network virtualization and automation through programmability.
SaaS
Software as a service: a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet. SaaS removes the need for organizations to install and run applications on their own computers or in their own data centers. This eliminates the expense of hardware acquisition, provisioning and maintenance, as well as software licensing, installation and support. A good example of this is Google mail, where you simply log in, and your entire mailbox and everything you need is ready to go
Distributed Switching - Purpose
Some of the challenges we have with supporting a network with physical and virtualized environment in this type of environment is that we may want to separate out these particular devices into their own VLANs. For example, the test server should probably always be on a separate VLAN from the production web server and database server. We also have the challenge that any of these virtual devices may move anywhere else in the network at any time, because we may need more capacity or perhaps we need less capacity on the network. And when that happens, we need to make sure that the IP addressing, the firewalls, and all of the other components associated with the infrastructure will move and properly allow access along with that server. One of the ways that we're able to do that is to provide distributed switching. This virtualizes the networking so that we're able to group together individual services into their own VLAN regardless of where the actual virtual machine happens to live.
Spanning tree protocol
Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network.
Switch - STP
Spanning Tree Protocol: a Layer 2 (Data Link) protocol that runs on bridges and switches. and ensures that you do not create loops when you have redundant paths in your network. Loops are deadly to a network.
Ethernet Frame - SFD
Start Frame Delimiter: An eight-bit (one-byte) value that marks the end of the preamble, which is the first field of an Ethernet packet, and indicates the beginning of the Ethernet frame.
DNS - SOA
Start of Authority: a type of resource record in the Domain Name System (DNS) containing administrative information about the zone, especially regarding zone transfers. Normally DNS name servers are set up in clusters. The database within each cluster is synchronized through zone transfers. The SOA record for a zone contains data to control the zone transfer. This is the serial number and different timespans. It also contains the email address of the responsible person for this zone, as well as the name of the primary master name server. Usually the SOA record is located at the top of the zone.
NDP - SLAAC
Stateless Address Auto Configuration: IPv6 feature which allows the various devices attached to an IPv6 network to connect to the Internet using the SLAAC without requiring any intermediate IP support in the form of a DHCP server. Earlier, configuration of the IP addresses was a manual process requiring support of a DHCP server. However, IPv6 allows the network devices to automatically acquire IP addresses and also has provision for renumbering/reallocation of the IP addresses en masse. It simplifies the process of IP address allocation by doing away with the need of DHCP servers and also allows a more streamlined assignment of network addresses thereby facilitating unique identification of network devices over the Internet.
Static Routing - Default Route
Static routing can be used to define an exit point from a router when no other routes are available or necessary. This is called a default route.
Static Routing
Static routing is a form of routing that occurs when a router uses a manually-configured routing entry, rather than information from a dynamic routing traffic. In many cases, static routes are manually configured by a network administrator by adding in entries into a routing table, though this may not always be the case. Unlike dynamic routing, static routes are fixed and do not change if the network is changed or reconfigured. Static routing: • is often more efficient in smaller networks, since a link is not being wasted by exchanging dynamic routing information. • can complement dynamic routing to provide a failsafe backup in the event that a dynamic route is unavailable, • can help transfer routing information from one routing protocol to another (routing redistribution).
Static Routing - Advantages
Static routing, if used without dynamic routing, has the following advantages: • causes very little load on the CPU of the router, and produces no traffic to other routers. • easy to configure/manage on small networks and sub networks • gives the network administrator full control over the routing behaviour of the network. • is more secure as there are no routing protocols to analyze
SAN
Storage Area Network: a more advanced storage type than NAS. With a storage area network, the remote storage device is more of an extension of your computer. We refer to this as block-level access. If you need to change part of a file, you simply change the blocks that have been changed rather than rewriting the entire file on the storage device. This makes SAN very efficient for reading and writing files
Switches - Learns MAC Addresses
Switches examine incoming traffic to make notes of the source Mac address, it adds the unknown Mac address to the MAC address table and set the output interface to received interface
Switch - Characteristics
Switches forward or drop frames based on the destination mac address. Builds a constantly updating MAC address list based on incoming traffic. Maintains a loop-free environment using Spanning Tree Protocol
TCP/UDP Ports numbers
TCP/UDP can use any number between 0 - 65535. Most servers use permanent port numbers, but not always. An application can use any port number it wants. Changing a port number doesn't add any security, and most service port numbers need to be well-known in order to function properly.
Port: udp/69
TFTP: Trivial File Transfer Protocol.
Subnetting - Calcuating Available Classless Subnets Example 2
Take 192.168.11.0/26. The /26 means that we have 26 1s in the subnet mask, and that leaves us with six 0s at the end of the subnet mask. If we were to look at this address that starts with a 192, that means the traditional class-based subnet would give us 24 bits to be able to use for the network. This, obviously, is 26 bits long for the subnet mask, which gives us two additional bits at the end to use for subnetting which leaves, 6 bits at the end for hosts of each avaialable subnet. Using our powers of 2 chart, we can see that we've got two subnet bits available. So 2^2=4, we can create four individual IP subnets from that /26. We have 6 bits available for hosts, and 2^6=64. 64-2=62. (We subtract two of those for the subnet address and the broadcast address). SO we have 62 hosts per subnet.
Subnet Calculations - Example 1
Take the IP address of 10.74.222.11, and let's assume that we're using the default class values. This one is Class A so the the subnet mask will be 255.0.0.0. So the 10. is the only network byte and the 74.222.11 are host bytes. To find the network address, then, we set all of the host bits to 0. So instead of 74.222.11, we have 0.0.0, which means the network address is 10.0.0.0 for this particular IP subnet. Find the first host by adding 1 to the network address, so 10.0.0.1. To find the broadcast address, we change all of these host bits to be 1 in binary, so it would be 10.255.255.255. And to find the last available host that you could use on this IP subnet, we subtract 1 from the broadcast address, making the last available IP address on the subnet 10.255.255.254.
7 Second Subnetting Process - Example 1
Take this example: 165.245.12.88/24 mask. Generally, the subnet masks that end on the 8 bit boundaries, the /8, the /16, and the /24 are easier to find. First we convert both the IP address and the subnet mask to decimal. The IP address is already in decimal format, but this /24 needs to be converted. If we look at our first chart, we need to find the /24. It's in this third column. That's important for later. And you'll see that it converts to a 255. So we've got 165.245.12.88, w/ a subnet mask of 255.255.255.0 Next we need to calculate the network address. If the mask is 255, you bring down the address value at the top. And if the mask is 0, you simply use a 0 in for the network address. Which gives us 165.245.12.0. For the broadcast address, if the mask is 255 we bring down the address number. It's Exactly the same process as if we were calculating the subnet address. But if the mask is 0, we make that value a 255 instead of a 0. So that means our broadcast address is 165.245.12.255. The first usable IP is the network address plus 1. S0 165.255.12.0 + 1 = 165.255.12.1. And the last IP has a broadcast address minus 1, which means it's 165.255.12.255 - 1 = 165.245.12.254.
Telnet
Telecommunication Network (Port: tcp/23). Telnet is a user command and an underlying TCP/IP protocol for accessing remote computers via a text -based console. Through Telnet, an administrator or another user can access someone else's computer remotely. Telnet is not secure/encrypted, any information including username and password sent across it can be intercepted.
Port: tcp/23
Telnet: Telecommunication Network
Toredo
Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network. Unlike similar protocols, it can perform its function even from behind network address translation (NAT) devices such as home routers. As such no special router is needed. Used in Microsoft systems
DNS - TXT Record
Text Record: usually contains information that will be valuable to other third party services that are accessing your DNS. For example, a text record might contain SPF protocol information- this stands for Sender Policy Framework. And it's a type of text message that helps prevent someone else from spoofing your domain name as emails are sent out across the internet. Other mail servers can check this text record and determine if this particular email address really came from your email server.
DNS Process
The DNS Resolution process has many steps Step 1: OS Recursive Query to DNS Resolver Step 2: DNS Resolver Iterative Query to the Root Server Step 3: Root Server Response Step 4: DNS Resolver Iterative Query to the TLD Server Step 5: TLD Server Response Step 6: DNS Resolver Iterative Query to the www.professormesser.com NS Step 7: www.professormesser.com NS Response Step 8: DNS Resolver Response to OS Step 9: Browser Starts TCP Handshake
OSI Model - Layer 2 (Data Link)
The Data Link Layer, or layer 2 (aka the switching layer), is the protocol layer that transfers data between adjacent network nodes in a wide area network or between nodes on the same local area network segment. Has DLC (Data Link Control) protocols that aloow computer to connect via MAC address.
DHCP - Leases
The IP addresses we're assigned with DHCP are only temporary. There is an existing lease time that is associated with that IP address and the moment we receive that IP address, the lease begins counting down. There is an allocation then that's initially made by the DHCP server. Your device is assigned a lease time, and this configuration for the lease time is usually made on the DHCP server configuration. If you were to reboot your computer, a re-allocation process tries to use the same IP address that it had originally if it's still available, and if it is, it's provided to your computer and the lease timer is reset.
IGMP
The Internet Group Management Protocol: a communications protocol used by hosts and adjacent routers on IPv4 networks to establish multicast group memberships. IGMP is an integral part of IP multicast. IGMP can be used for one-to-many networking applications such as online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications. It works at OSI L2 and TCP/IP L3. IGMP is used on IPv4 networks. Multicast management on IPv6 networks is handled by Multicast Listener Discovery (MLD) which is a part of ICMPv6 in contrast to IGMP's bare IP encapsulation.
Internet of Things
The Internet of Things, or IoT, is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. Examples include wearable technology, RFID tags, home automation, heating/cooling etc..
MAC Address Structure
The MAC Address is divided into two halves. The first 3 bytes form the OUI: the Organizationally Unique Identifier that specifices the individual manufacturers. The last 3 bytes describes the Network Interface Controller's Specific Serial Number.
OSI Model - Layer 3 (Network)
The Network Layer (aka the "routing" layer) provides the functional and procedural means of transferring variable length data sequences (called packets) from one node to another connected in "different networks". It is the IP protocol layer. This layer is also responible for frangmenting data for travel.
OSI Model - Layer 6 (Presentation)
The Presentation Layer is responsible for how data looks or is formatted. Character encoding an application encryption occur at this layer. Often the protocols for used for Layer 6 are used in Layer 7 as well.
STP - Root Switch
The Root bridge (switch) is a special bridge at the top of the Spanning Tree (inverted tree). The branches (Ethernet connections) are then branched out from the root switch, connecting to other switches in the Local Area Network (LAN). All Bridges (Switches) are assigned a numerical value called bridge priority.
TCP - Three way handhsake
The TCP three-way handshake in Transmission Control Protocol is the method used by TCP set up a TCP/IP connection over an Internet Protocol based network. TCP's three way handshaking technique is often referred to as "SYN-SYN-ACK" because there are three messages transmitted by TCP to negotiate and start a TCP session between two computers. (SYN) : In the first step, client wants to establish a connection with server, so it sends a segment with SYN(Synchronize Sequence Number) which informs server that client is likely to start communication and with what sequence number it starts segments with Step 2 (SYN + ACK): Server responds to the client request with SYN-ACK signal bits set. Acknowledgement(ACK) signifies the response of segment it received and SYN signifies with what sequence number it is likely to start the segments with Step 3 (ACK) : In the final part client acknowledges the response of server and they both establish a reliable connection with which they will start eh actual data transfer The steps 1, 2 establish the connection parameter (sequence number) for one direction and it is acknowledged. The steps 2, 3 establish the connection parameter (sequence number) for the other direction and it is acknowledged. With these, a full-duplex communication is established. TCP connect end with the FIN (Finish Bot Set) sequence.
[net share]
The [net share] command is used to create, remove, and otherwise manage shared resources on the computer.
[net use]
The [net use] command is used to display information about shared resources on the network that you're currently connected to, as well as connect to new resources and disconnect from connected ones. In other words, the net use command can be used to show the shared drives you've mapped to as well as allow you to manage those mapped drives.
[net user]
The [net user} command is used to add, delete, and otherwise manage the users on a computer.
802.11 Characteristics - MIMO - Antennas and Streams
The ability to provide this multiple-input multiple-output was very dependent on the number of antennas available on a device. So for 802.11n and 802.11ac, you may see this number of antennas on an access point, number of antennas on a client, and the number of streams available documented somewhere on that particular device. For example, if you see 2×2:2, that means there's two antennas on the access point, two antennas on the client, and it can support two total streams.
OSI Model - Layer 7 (Application)
The application layer is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application (it is the layer we see ex. Outlook) . This layer interacts with software applications that implement a communicating component. For most of the components on the Internet you deal with, you likely already refer to the application-level components: (HTTP), (SMTP), Post Office Protocol version 3 (POP3) Network Time Protocol (NTP) Secure Shell (SSH) File Transfer Protocol (FTP)
Hosts File
The computer file hosts is an operating system file that maps hostnames to IP addresses. It is a plain text file. Every computer that runs TCP/Ip has a hosts file. DNS automated the publication process and provided instantaneous and dynamic hostname resolution in the rapidly growing internet network. In modern OS's, the hosts file remains an alternative name resolution mechanism, configurable often as part of facilities such as the Name Service Switch as either the primary method or as a fallback method.
DNS - DNS Database
The database of a DNS server is simply a text file. This is where you would configure the DNS server and this is where all the lookups will take place. You can see information in this sample lookup file that has information about the DNS server itself and information associated with the caching. You also see mail exchange records. There's records that are specifying the name and the IP address of other devices and this look up also contains aliases. This allows us to use different names to associate to a single fully qualified domain name.
IPv4 Networking - Loopback Address Range
The defined range of a loopback address is 127.0.0.1 through 127.255.255.254, but you'll find that some operating systems won't recognize other loopback addresses. They'll only know 127.0.0.1. We'll often use this loopback address as a way to reference our own computer. So if we want to make sure that the TCP/IP stack is working properly on our computer, we might ping our loopback address of 127.0.0.1.
STP - Designated Port
The designated ports are the ports responsible for forwarding traffic onto a network segment. Think of it like this - RPs lead toward the root bridge DPs lead away from the root bridge Because the root bridge has no blocking ports all it's ports are DP's.
NAT - RFC 1918
The designated private IP address subnets a local network uses one of in a typical configuration.
DHCP Relay Example - Step 1 Discover
The first step for DHCP is the DHCP discover. Jack is going to send a broadcast to UDP port 67, and as that broadcast reaches that IP helper or DHCP relay address, this router realizes that it needs to convert this broadcast to a unicast. So it changes the source IP address to be the router, and it modifies the destination address to instead of being a broadcast, to be exactly the IP address that we originally configured as the DHCP relay address inside of this router.
DHCP Process - Step 1 - Discover
The first step is a DHCP discover message. Currently Sam does not have an IP address. She's just turned on her laptop, so a broadcast is sent across the network to UDP port 67. That broadcast is going to be a DHCP discover message. So as that packet goes out, it will be broadcast to all other devices on the subnet, and this subnet certainly has a DHCP server associated with it. Because this is a broadcast, it goes as far as the router, and then it does not go any further than that router.
Pv4 Subnet Masks - Finding the numberr of CIDR available hosts
The formula to calculate the number of assignable IP address to CIDR networks is similar to classful networking. Subtract the number of network bits from 32. Raise 2 to that power and subtract 2 for the network and broadcast addresses. For example, a /24 network has 2^(32-24) - 2 addresses available for host assignment. Or 2^8 - 2. So a /26 subnet wouls have 2^(32-26) - 2 hosts. Or 2^6 - 2 hosts which is 64-2 or 62
Subnet Construction - Network Broadcast Address
The last IP address on a particular IP subnet is the network broadcast address. If you were to set all host bits (not bytes) to 1, this would allow you to calculate the network broadcast address.
DHCP Process - Step 4 - Acknowledgement
The last step then is for that DHCP server to send an acknowledgment saying that Sam has now leased that particular IP address and can configure it for her laptop. Again, this will be sent from this DHCP server to an IP broadcast using UDP port 68. And when Sam's laptop receives that acknowledgment, the DHCP client in her laptop will automatically configure it with the correct IP address that was provided in the acknowledgment.
NAT - Private Addresses
The majority of NATs map multiple private hosts to one publicly exposed IP address. In a typical configuration, a local network uses one of the designated private IP address subnets (RFC 1918). A router on that network has a private address in that address space. The router is also connected to the Internet with a public address assigned by an Internet service provider. As traffic passes from the local network to the Internet, the source address in each packet is translated on the fly from a private address to the public address.
[nbtstat -a]
The nbtstat - a < name > command performs a NetBIOS adapter status command on the computer name specified by < name> .
Subnet Construction - Network Address
The network address is the first IP address that happens to belong to a particular subnet. You can also get this value by taking all of the host bits (not bytes) of a particular subnet and changing them all to zero, and that will allow you to calculate the network address.
Ethernet Frame - Preamble
The preamble field is a 64-bit 7 byte series of zeros and ones that precede arriving data and tells the receiving device to "get ready" for incoming data. Apart from being a "get ready" notification, the preamble also serves as a clock synchronization device.
DNS Process - Step 4: DNS Resolver Iterative Query to the TLD Server
The resolver queries one of the .com name servers for the location of www.professormesser.com. Like the Root Servers, each of the TLDs have 4-13 clustered name servers existing in many locations. There are two types of TLDs: country codes (ccTLDs) run by government organizations, and generic (gTLDs). Every gTLD has a different commercial entity responsible for running these servers.
DNS Process - Step 2 - DNS Resolver Iterative Query to the Root Server
The resolver starts by querying one of the root DNS servers for the IP of "www.professormesser.com." This query does not have the recursive flag and therefore is an "iterative query," meaning its response must be an address, There are 13 root server clusters named A-M with servers in over 380 locations. They are managed by 12 different organizations that report to the Internet Assigned Numbers Authority (IANA).
STP - Root Port
The root port is the port the switch chooses for its overall best path to the root switch/bridge. STP configures this port automatically.
DNS Process - Step 3: Root Server Response
The root servers hold the locations of all of the top level domains (TLDs) such as .com, .net, and newer generic TLDs such as .camera. The root doesn't have the IP info for "www.professormesser.com," but it knows that .com might know, so it returns the location of the .com servers. The root responds with a list of the 13 locations of the .com gTLD servers, listed as NS or "name server" records.
DHCP Process - Step 2 - Offer
The router stops all broadcasts from going through it, but this message did make it to this DHCP server, and you'll notice that the next step will be this DHCP server is going to offer Sam an IP address. Sam obviously doesn't have an IP address yet, so this DHCP server needs to send this offer over an IP broadcast to UDP port 68, and that broadcast was received by Sam's workstation.
7 Second Subnetting Process - Tool 2 - Network Address Subnet Boundaries Chart
The second chart shows me the address groupings given a particular subnet mask. For example, if the subnet mask has a 128 as that subnet mask, then I know that the subnet will be split into two. There will be a starting number of 0 and a starting number of 128. If it's a 64 as the number of hosts in a subnet, then I know that my subnet boundaries will be 0, 64, 128, and 192.
(Moving Data) Source Port
The source port is provided to the remote machine in order for it to reply to the correct session initiated by the other side. This is achieved by reversing the destination and source ports. When the host receives this packet, it will identify the packet as a reply to the previous packet it sent.
IPv4 Networking - Subnet Mask
The subnet mass values are used by that local device to determine what IP subnet it happens to belong to. It's not a value that is commonly transmitted across the network, so you'll often ask the network administrator to provide both the IP address and the subnet mask for a particular device. With just the IP address and the subnet mask, you're able to communicate to other devices on your local network.
7 Second Subnetting Process
The things that we're going to be able to derive from these two charts is that we're going to be able to convert the IP address and a CIDR block notation into the decimal form. That first chart that we created allows us to do this very quickly. That chart also shows us how many devices per subnet will be on this particular network. The second step of the subnetting phase is to calculate the network/subnet address. The second chart that we created allows us to very quickly find the beginning and the end of that particular subnet. Thirdly, we need to know the broadcast address. This will be the last address. And again, that second chart shows us what that ending boundary is. And lastly, we need to calculate the first usable and the last usable IP address of the subnet. That's very easily done by simply adding 1 to the network address and subtracting 1 from the broadcast address.
OSI Model - Layer 4 (Transport Layer)
The transport layer of the Open System Interconnection (OSI) model is closely related to the network layer, but adds functionality to it. You can think of this layer as a traffic cop for the packets of the network layer. The transport layer takes responsibility for verifying data delivery. Uses TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)
STP Port States
There are 5 Spanning Tree Protocol Blocking States: Blocking - not forwarding (NF) to prevent loop Listening - NF and cleaning MAC table Learning - NF and adding to the MAC Table Forwarding - Passing data through Disabled - port is turned off by admin A switch does not enter any of these port states immediately except the blocking state. When the Spanning Tree Protocol (STP) is enabled, every switch in the network starts in the blocking state and later changes to the listening and learning states.
802.11 Characteristics - Wireless Survey Tools
There are a number of built-in tools or any number of third-party products can provide you with information into exactly what's happening on your wireless network. And if you're doing a lot of wireless installations and you need a very precise view of exactly what's going on at every frequency of the 802.11 wireless range, you may want to invest in a spectrum analyzer that can show you details of exactly what's happening at every frequency.
Assigning IPV4 - DHCP - Static Leases
There are a number of devices on your network that you might want to always have exactly the same IP address, and you don't want them to change based on what might be available in a DHCP pool. For example, you might have servers, printers, or other infrastructure devices that you would like to administratively assign an IP address, and you never want that IP address to change. One way to accomplish this is to manually configure an IP address on every single server, printer, infrastructure device. This would require disabling DHCP, and then manually typing in the IP address, subnet mask, DNS information, and anything else that might be required for the IP configurations on that device.
802.11 Characteristics - Frequencies
There are a number of different technologies used to communicate over 802.11 networks. One big difference between different standards of 802.11 networks are the frequencies used to communicate. Some 802.11 networks use the 2.4 gigahertz frequency range. Other 802.11 technologies will use the 5 gigahertz frequency range.
CASB - Characteristics
There are four main characteristics of a CASB. Visibility: You need to know exactly what applications people are using in the cloud, and you want to be sure that the right people have the right authority to use those applications. Compliance: If you're working with medical information or credit card information, then there are probably also some significant compliance requirements. If you want to be sure your users are complying with HIPPA or PCI requirements, then you want to be sure you have the CASB in place. Threat Prevention: Since the applications and the data are in the cloud, they may be accessible by others. So a CASB will allow you to provide threat prevention. Make sure that only authorized users gain access to this application and this data. Data Security: And of course, there will be data transferred between your facility to the cloud and back again. So you want to be sure that all of that data is sent over encrypted channels. And if anyone is sending any personally identifiable information, you want to identify that and provide some type of security controls in the form of data loss prevention.
DHCP Process - Step 3 - Request
There may be more than one DHCP server on the network, and Sam may have received multiple offers. So Sam will pick one of those offers and send back a DHCP request, again, to a broadcast address through UDP port 67. That broadcast goes to everything on the network. It's stopped by the router, but is made to the DHCP server, and now that server sees that Sam has indeed requested that original offer that was made.
Third Party DNS
There's also a middle ground where you can have a third party providing you with your own internal DNS services. Especially if you're in a very large environment, you may be having to manage many, many different DNS servers. And instead of you managing that, you might want to hand that off to a third party where you've outsourced your internal DNS function to this third party.
Firewall Ruleset Example
These firewall rules filter any traffic sequentially looking for matches in incoming frames. If none of the 6 match the firewall is denied. Rule 7 also denies ICMP (so no one can ping this device)
Third Party DNS - Characteristics
Third Partry DNS servers are running in the cloud. You might have multiple instances of them available around the world, and it would still provide you with the same internal functionality except you're using a cloud-based service external to your organization. This also might provide you with some capabilities you normally wouldn't have if you were maintaining your own servers. You may have high availability to have these DNS services available all the time. They may be low latency servers providing very fast response time. And if you need additional servers spun up, you simply request that from the third-party DNS and you're able to scale up and scale down as needed.
DHCP Relay Example - Step 2 Offer..and Beyond
This DHCP relay also allows us to take the unicast being sent back in response and convert those back to broadcast. The DHCP relay is going to receive the DHCP servers offer, and it's being sent to that directed IP address of 10.10.30.1 ("Router 2"). When it reaches that address, the router understands that this needs to be a broadcast. It changes the destination address to that 255.255.255.255 broadcast and sends that message out to the network where it will be received by Jack. This DHCP relay will continue to make these changes throughout the DHCP process, and eventually it will complete and Jack will have an IP address that was provided by the DHCP server that exists on a different IP subnet.
IPv6 Addressing - Modifying the MAC Address - Conversion Chart Example 4
This MAC address starts with 34:62:88. We'll look at that 4 value, see that the corresponding number is a 6, so that will change to a 3662:88, again, putting the ff:fe in the middle, and then finishing with the last three bytes of the MAC address.
802.11 Characteristics - Bandwidth Chart 2.4/5GHz
This chart shows differences in the available frequencies in 2.4 GHz vs 5GHz range. This also shows you how you're able to increase the different channel widths to use more frequencies at the same time. If we first look at the 2.4 gigahertz range, there are three channels that don't overlap with each other- channels 1, 6, and 11- with 20 MHz range blocks for each one. For 5 Ghz, there are many more blocks of 20 MHz channel bandwidths available. Anything that is not red is available bandwidths that you can use in 5 GHz. So you can see a large difference in available bandwidth when you move up to the 5 GHz ranges. Some of these 5 GHz standards allow you to have larger channel bandwidths. So you can group together and have 40, 80 or 160 MHz channels (as with 802.11ac).
Static Routing Table - Example
This example shows the Routing table for Router 1, the last two entries show the route for "Sam" to send packets to "Jack" (via 10.10.40.2) and Teal'c (via 10.10.30.2)
IPv6 Addressing - Modifying the MAC Address - Conversion Chart Example 1
This example starts with an 8c. We know that we're going to change the c to the corresponding value, and in our chart that's an e. That means we have 8e:2d:aa:4b98a7. We've split the middle (aa:4b) and insert ff:fe. And that entire value is our EUI-64. So now we have 8e2d:aaff:fe4b:98a7.
All People Seem To Need Data Processing
This is an OSI Model Pneumonic Device: All - Layer 7 - Application People - Layer 6 - Presentation Seem - Layer 5 - Session To - Layer 4 - Transport Need - Layer 3 - Network Data - Layer 2 - Data Link Processing - Layer 1 - Physical
Wireless Topologies - Infrastructure Topology
This is the wireless topology one that most people are using when they are communicating with an access point. You adjoin an access points network and then, you're able to communicate with everyone else who happens to be on that network.
IPv6 Addressing - Modifying the MAC Address - Conversion Chart Example 2
This one starts with 18. We've obviously split it right in the middle. We need to look at that second character, which is an 8. And if we look at our chart, we can see the corresponding value would be an a. So if we bring this over, we can start with 1a, split the MAC address into two, add the ff:fe in the middle, and then finish with the last half the MAC address.
Port forwarding - Example
This router has been configured to let any traffic along 66.20.1.14 go to 192.168.3.22
DNS Process - Step 7: Google.com NS Response
This time the queried Name Server knows the IPs and responds with an A or AAAA address record (depending on the query type) for IPv4 and IPv6, respectively.
Classful Subnetting: Classes
Three main Classes: A, B, C. The subnet mask for a Class A network is 255.0.0.0. So there are 8 bits available for the network address, and 24 bits available for hosts on those networks. A Class B subnet mask is 255.255.0.0, which means there are 16 bits for networks and 16 bits for hosts. A Class C subnet mask is 255.255.255.0, where there are 24 bits that are available for networks and 8 bits available for hosts.
Cellular Network Standards - GSM - TDMA
Time Division Multiple Access - a technology used in digital cellular telephone communication that divides each cellular channel into three time slots in order to increase the amount of data that can be carried. TDMA is used by GSM.
IPv6 Addressing - Modifying the MAC Address - Building the MAC Address
To build a Modified EUI-64 IPv6 address. We need two different 64-bit halves of this address. The first half is going to be the subnet prefix. Which we can find out by sending a Neighbor Discovery Protocol to the local routers which will respond with our local subnet prefix. Once we have the subnet prefix, we need the final 64 bits that are created from a combination of our modified MAC address and the FFFE that we would put in the middle. So the first three bytes would be that modified MAC address. We've already changed that 0 to a 1 (8c to 8e) to designate this as a locally assigned address. We add FFFE to the middle, and finish with the last three bytes of the MAC address which are unchanged.
Subnetting - Calcuating Available Classless Subnets
To calculate the # of available we would take 2^subnet bits weve "borrowed" to determine the total number of subnets that might be available to us. For the # of hosts available per subnet, we would use 2 to the host bits power, and then subtract 2 from that. One of those will be the subnet address, and the other will be the broadcast address. Everything left is the available number of hosts on each individual subnet.
IPv6 Addressing - Modifying the MAC Address - changing the 7th bit.
To change the MAC address to EUI-64 one of the the things we need to do is change the seventh bit. That bit is in the first byte of the MAC address. So if the MAC address starts with 8c, we need to list out that 8c into binary. You can see that seventh bit here is going to be a 0. We need to change that 0 to a 1, and that will be represented as 8e when you look at it in hexadecimal form.
IPv6 Addressing - Modifying the MAC Address - Conversion Chart
To convert the MAC address from a universal address to a locally assigned address, we converted the MAC address from hexadecimal to binary and then converted it back to hexadecimal again. But there is a shortcut that you can use to make this process much simpler without performing any of that conversion. Using the chart shown, we can see the result of flipping the bit easily.
IPv6 Addressing - MAC Address to EUI-64
To create this EUI-64 from this 48-bit MAC address, we're going to split the MAC address into two pieces. It will be two 24-bit halves. And in the middle, we're going to insert 16 additional bits. These will specifically be FFFE that will go into the middle of this address. Then we have to make a change to the original MAC address. There is the seventh bit that needs to be modified. This changes the address from being one that's a burned in address to something that is a locally administered address. This is what we call the UL bit. That changes it from universal to locally administered.
TCP and UDP
Transmission Control Protocol and User Datagram Protocol. Both transported within IP, but has different characterisitics for each. Both OSI Layer 4 (Transport Layer). Allows use of multiple apps at same time (multiplexing)
TCP
Transmission Control Protocol, is a connection oriented protocol. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP.
TLS
Transport Layer Security: a cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions. It is intended to prevent eavesdropping, tampering and message forgery. Common applications that employ TLS include Web browsers, instant messaging, e-mail and voice over IP. Many businesses use TLS to secure all communications between their Web servers and browsers regardless of whether sensitive data is being transmitted. TLS replaced SSL (Secure Sockets Layer)
TFTP
Trivial File Transfer Protocol (Port: udp/69). A simple, lockstep, File Transfer Protocol which allows a client to get from or put a file onto a remote host.
UDP Charactersitics
Unlike TCP, UDP has no formal open or close to the connection. So it it called a "connectionless" protocol. Sends data when available but doesn't confirm reception. No error recovery when data lost, or reorder out of order data. No way to provide flow control.
TCP Charactersitics
Unlike UDP, TCP requires a formal connection is made between sender and client (additional overhead). Also TCP requires a response confirming receipt of data. It also numbers the data being sent in case there are issues during transmission the client device can rebuild the data or ask for it to be resent. Lastly it allows the receiver to manage how much data is being sent.
OSI in the Real World (Wireshark)
Using Wireshark in the example shown you can see the layer at work. Frame 88... - Physical Layer Ethernet II - Data Link Layer Internet Protocol... - Network Layer Transmission Control... - Transport Layer Secure Socket - Layers 5-7
Frame Switching
Using frame switches to speed up network traffic. Each device on the network is assigned an output interface slot based on its MAC address. So frames are sent only to the correct destination.
Information Highway
Using the analogy of a moving truck: - The network topology is the road (ex .Ethernet, DSL). - The truck is the Internet Protocol (IP) - The Boxes in the truck holds your data ("Boxes" of TCP and UDP) - Inside of the boxes is the data (usually application information)
VLAN Header
VLAN IDs are 12 bits long, allowing for 4094 possible VLANs. Normal range is 1 - 1005, extended range is 1006 - 4094. ) and 4095 are reserved VLANs.
NAT Overload/PAT - Example
Vala is on 10.10.20.50 using port 3233 (10.10.20.50:3233) when it reaches the router NAT changes it to (94.1.1.1:1055) and sends it out. When it comes back it is changed back
NAT - Example
Vala is on the private address 10.10.20.50 (a private ip address on the 10.10.20.1 internal subnet). The router has an external ip address public ip of 94.1.1.1. So anything sent from Vala has its source changed from 10.10.20.50 to 94.1.1.1 as shown. This occurs both going and coming back.
Subnetting - VLSM
Variable Length Subnet Masks - amounts to "subnetting subnets," which means that VLSM allows network engineers to divide an IP address space into a hierarchy of subnets of different sizes, making it possible to create subnets with very different host counts without wasting large numbers of addresses. By giving the network administrator the ability to customize the size of the subnet mask, they could build out a particular subnetting scheme that provided the exact number of networks and hosts that they needed in their network.
Port: tcp/1720
VoIP signaling uses the ITU trelecommunication H.323 (aka H.23x) protocol series. It used to setup and manage VoIP calls.
VoIP
Voice Over IP (Port: tcp/1720). VoIP signaling is essential to set up, tear down, and manage VoIP voice and fax calls, as well as various call features. It is a
NTP Stratum Layers
We can associate a value with an NTP server that designates how far it is away from the original time source. We call these stratum layers in NTP. That's because the original reference clock would be stratum 0. This might be an atomic clock or a GPS clock that you've configured. The next server away from stratum 0 would be a stratum 1 server, which is going to be obtaining its timestamp from a stratum 0 server. You might also have stratum 2 servers on your network, which are going to be receiving their timestamps from a stratum 1 server.
Packet Switching - Sharing
We have many people sharing a connection to the internet. Maybe the internet links themselves are shared between locations. That way when we're not using the connection, someone else could certainly be using exactly that connection. In this regard, the internet service providers generally charge us based on how much bandwidth we're going to use.
Binary Math - Binary Conversion Chart
We use Binary math to convert binary numbers to real numbers. In this field it's used mainly for ip conversion. So we are only using a octet conversion chart (as the Number in ip only go up to 255)
NDP Functions - MAC Addresses
We use IP addresses for communication but the addresses which are used by the LAN Switches for delivery of Ethernet frames to the destination devices are MAC addresses. In IPv4, Address Resolution Protocol (ARP) is used for resolving IPv4 address to MAC address. The role of Address Resolution Protocol (ARP) in IPv4 is performed by Neighbor Discovery Protocol (NDP) in IPv6.
Switch Interface Settings - VLANs
When configuring an interface on a switch you need to specify what VLAN this interface is a member of. Each device port should be assigned a VLAN. Some ports are trunking lines, and you also need to specify what VLANs can use that trunk
(Moving Data) Specifying ports on multiple apps
When data is sent, a random return port (called a source port) is sent along with the fixed port so the data has somewhere to come back to. So for the web server app shown (tcp/80), a destination port of 80 is set along with a random return port of 3000. When the data is sent THE SOURCE AND DESTINATION PORTS A RE SWITCHED and the data is sent back port 80 on the source client.
DHCP - Manual Releases
When given a lease, you don't have to wait for the timer to expire to give up that IP address. You can manually release the IP address on your device, and that IP address is now available to others in the pool.
7 Second Subnetting - 4 Main Addresses Example
When subnetting for EACH subnet we need network/subnet address, the broadcast address, the last address in the subnet and the first available host address on the network. A typical simple example as shown (in this we use /26 b/c we only need for this problem at least 2 networks and 40 hosts/networks) very complicated and time consuming to write out the traditional way
Wireless Standards - 802.11a
When the 802.11 standards were released, there were two standards that were released simultaneously 802.11a and 802.11b. (1999). 802.11a used 5 GHz range frequencies up to 54Gbps. Because 802.11a was using five GHz frequencies, it tended to have a smaller available range than the 802.11b standard. The 802.11a standard has been replaced by newer 802.11a standards so you don't tend to see much 802.11a traffic on a network today.
Switches - Flooding for unknown MAC address
When the MAC address table is empty (the switch doesn't have the destination MAC address in the table), usually when the table is first being built. The switch broadcasts the frame to all the devices, adding the MAC address of the destination when data is sent back.
DHCP T1/T2 Timer
When we are first assigned an IP address, there's are two lease timer associated with this. The first one is a T1 timer. This is when your device will check in to be able to renew this IP address, and the T1 timer is 50% of the lease time by default. There's another timer that is the T2 timer, which means if the original DHCP server is no longer available on the network, it will try rebinding this IP address with some other DHCP server that might be available. The T2 timer is 87 and 1/2 percent of the lease time or 7/8 of the lease time.
Binary Math - Powers of Two
When we were writing out our conversion chart, we were really writing out the powers of 2. For example, 2 to the 0 power is 1. 2 to the first power is 2, to the second power is 4, and so on. And a number of the calculations that we'll convert to and from binary will use this particular chart. You'll use it for subnetting other types of binary calculations.
7 Second Subnetting - 4 Main Addresses
When you're subnetting, you're really looking for four main addresses. The first is network/subnet address, it's the very first address in a particular subnet. 2nd is the broadcast address, the last address in the subnet the one used when a broadcast is sent on an IPv4 network. We also need to know the first available host address on the network. This will be the one that our workstations and devices will use on that network. And the last available host address will be for that network so that we can determine the exact range to use for all of our devices.
DNS - Resource Records
Whenever we access a DNS server in order to gather information about the name or the IP address of a resource, we're really looking through a local database that has all of these associations between a fully qualified domain name and an IP address. We called these records on a DNS server the resource records, and it's really a text file that happens to contain all of the information we need to be able to perform these lookups.
WAN
Wide area network: a geographically distributed private telecommunications network that interconnects multiple local area networks (LANs). In an enterprise, a WAN may consist of connections to a company's headquarters, branch offices, colocation facilities, cloud services and other facilities. Typically, a router or other multifunction device is used to connect a LAN to a WAN. Enterprise WANs allow users to share access to applications, services and other centrally located resources. This eliminates the need to install the same application server, firewall or other resource in multiple locations, for example.
WLAN
Wireless local area network: provides wireless network communication over short distances using radio or infrared signals instead of traditional network cabling. A WLAN is a type of local area network (LAN). A WLAN can be built using any of several different wireless network protocols, most commonly either Wi-Fi or Bluetooth.
Dynamic Routing - Example
With Dynamic Routing an update is sent relaying the new destination IP and added automatically to the routing table
OSI Model - Layer 3 (Network) - IP Fragmentation
With IP fragmentation, the Internet Protocol (IP) breaks data it into smaller pieces, so that packets may be formed that can pass through a link with a smaller maximum transmission unit (MTU) than the original datagram size. Fragments are always in multiples of 8 b/c of the number of fragmentation offset bits in the IP header
802.11 Characteristics - MIMO - 802.11n Throughput
With MIMO, we could really increase the amount of throughput between devices because if both devices supported multiple streams, you could begin to send lots of data between those. The MIMO that was included with 802.11n could only send one grouping at a time. So it could send data down to this laptop, it could then change and send data to a mobile device, and then send data to a television. But it could not do all three of these simultaneously.
SDN: Agility
With SDN, the administrator can change any network switch's rules when necessary -- prioritizing, de-prioritizing or even blocking specific types of packets with a very granular level of control. This is especially helpful in a cloud computing multi-tenant architecture, because it allows the administrator to manage traffic loads in a flexible and more efficient manner. Essentially, this allows the administrator to use less expensive commodity switches and have more control over network traffic flow
Cellular Network Standards - GSM - TDMA Example
With TDMA, You would have multiple streams (red, blue, purple shown). The multiplexer blends those together and gives everybody a certain timestamp that's available to them. On the other side that signal is demultiplexed and you would break out the blue, the red, and the purple stream so that they can be sent to their normal destinations.
Dual Stack Routing
With a Dual Stack configuration, you can run IPv4 and IPv6 at the same time. You would setup and configure both an IPv4 and IPv6 address, with their individual routing tables and protocols. End nodes and routers/switches would run both protocols, and if IPv6 communication is possible that is the preferred protocol. Most modern devices understand IPv4 and IPv6.
DHCP - Automatic Allocation
With an automatic allocation, a device that receives an IP address will always have that IP address associated with that device. The DHCP server is going to keep a list of all of the Mac addresses, and it's going to permanently associate an IP address to that Mac address.
DHCP - Dynamic Allocation
With dynamic DHCP, a client does not own the IP address assigned to it but instead "leases" it for a period of time. Each time a device with a dynamic IP address is powered up, it must communicate with the DHCP server to lease another IP address. When that device comes back onto the network, it may or may not be provided the same IP address. One is simply chosen from the pool again and provided to that particular device. Wireless devices are examples of clients that are assigned dynamic IP addresses when they connect to a network.DHCP - Dynamic Allocation
Assigning IPV4 - DHCP - Dynamic Leases
With dynamic DHCP, a client does not own the IP address assigned to it but instead "leases" it for a period of time. Each time a device with a dynamic IP address is powered up, it must communicate with the DHCP server to lease another IP address. Wireless devices are examples of clients that are assigned dynamic IP addresses when they connect to a network.
Dynamic NAT
With dynamic NAT, a NAT router maintains a list of registered Internet IP addresses. Every time an internal client tries to access the Internet, the router maps it to one of the registered IP addresses that isn't currently in use. As a result, you need registered IP addresses only for the number of concurrent Internet users. But the problem is you only have fixed number of ip addresses.
PoE - Endspans
With endspan PoE connections, the supplier of power is built into the switch
Full Duplex Ethernet - Switches
With full duplex ethernet a switch uses the MAC address to send data only to the destination device. If the destination another connected switch, it routes the data to that switch
Resource Management - Hosted
With hosted resources, all of your hardware, all of your data, and all of your applications are running on a third party system that are located outside of your building. You're usually running this on hardware provided by the third party, and it's usually a specialized application that's running on that system.
PoE - Midspans
With midspan PoE connections, an additional PoE power source is used that can be used in combination with a non-PoE Switch or a PoE Switch that is at capacity and is already in place or is about to be installed in a network
Half Duplex Ethernet
With older half-duplex hubs ethernet, any traffic received on one interface is repeated to all the others. Hubs can't intelligently route traffic like switches.
DHCP Reservation
You can use DHCP to reserve certain IP addresses so certain devices get the same IP everytime (used for servers and other infrastructure devices).
MTU - TroubleShooting - ping -f -l
You can use ping to determine to the MTU on your network by pinging with DF (-f), and forcing a max (-l) of 1472 bytes (1500 bytes (univ. max) - 8 byte ICMP header - 20 bytes of recipient IP address = 1472). So you use (for in this example google): ping -f -l 1472 8.8.8.8 Is that doesn't work keep reducting the size by 8 until it does: that is your MTU (that doesn't require fragmentation.
IPv4 Subnet Masks - Binary to CIDR Example 2
You can use the binary to decimal chart to quickly find a bit to byte values for each octet. So in this example, we know that all ones is going to be 255, and 11100000 is 24, making the subnet mask 255.255.24.0. And if we add up the number of ones, there are /19 for this subnet mask, giving us 19 bits for the network and 13 bits to use for hosts on each of those networks.
DHCP - Static Allocation
You may have a server or a router or a switch that you would like to have the IP address configured automatically when those devices start up, but you want those devices to always have exactly the same IP address. You can do that by associating the Mac address of that device with the IP address that you would like it to have. You might see this referred to as a static DHCP assignment, a static DHCP, an address or reservation, or an IP reservation.
Switch Interface Settings - IP address management
You may have to configure IP addresses on an interface. This can be for: Layer 3 interfaces VLAN interfaces Management Interfaces Every workstation will need at least and IP address and subnet mask/CIDR block, and default gateway. ALso maybe a DNS
7 Second Subnetting - Example 1 The long Way calculations
You're given a network configuration. In this case, we have four separate networks. You're given an IP address assignment, 192.168.1.0 with a /24 subnet mask. We need an IP addressing scheme with more than one network address that can support 40 devices per subnet.
7 Second Subnetting - Example 1 The long Way
You're given a network configuration. In this case, we have four separate networks. You're given an IP address assignment, 192.168.1.0 with a /24 subnet mask. We need an IP addressing scheme with more than one network address that can support 40 devices per subnet. So we've been given the single network address. We need to subnet it out into at least four networks, and those four networks need to at least have 40 devices per subnet that can be supported with that IP addressing scheme. To do that you'd need to make the chart shown (the answer is a /26 subnet with 4 networks and 64 hosts). Unfortunately there's no way you could do all that efficiently on an exam
[net view]
[Net view] is used to show a list of computers and network devices on the network.
[nbtstat -n]
[nbtstat -n] displays the NetBIOS names that have been registered locally on the system.
[net]
a Command Prompt command that can be used to manage almost any aspect of a network and its settings including network shares, network print jobs, network users, and much more.
net
a Command Prompt command that can be used to manage almost any aspect of a network and its settings including network shares, network print jobs, network users, and much more.
DHCP Relay
aka IP Helper: If network administrators want a DHCP server to provide addressing to multiple subnets on a given network, they must configure DHCP relay services located on interconnecting routers that DHCP requests have to cross. These agents relay messages between DHCP clients and servers located on different subnets.
IPv4 Networking - Default Gateway
if you ever want to communicate outside of your local IP subnet, then you'll need the default gateway or router IP address. So on my network the router IP address might be 192.168.1.1. That means if I wanted to configure this device to communicate to other devices on my local subnet and communicate devices outside of my local subnet, I'll need to provide the IP address, the subnet mask, and the default gateway.
DNS Process - Step 6: DNS Resolver Iterative Query to the Google.com NS
the DNS resolver queries one of Google's name server for the IP of "www.professormesser.com."
Dynamic Routing - Advantages
• No manual root calculation or management • New roots are populated automatically • Very scalable
Static Routing - Disadvantages
• difficult to administer and manage on larger networks • has no automatic loop prevention • needs to be manually updated if there is a network change • has no automatic rerouting if an outage occurs.
