CompTIA Network+ Chapter 2
Microsoft DNS Server
Windows Server includes a built-in DNS service that integrates closely with Active Directory (AD). A careful network admin knows that an organization's authoritative DNS records must be reachable by Internet users, while the DNS zones that hold Active Directory data must be kept tightly secured and off the Internet. Split-horizon DNS achieves both.
MAC Addresses
You can find a network adapter's MAC address (physical address) by examining the NIC: it is stamped directly onto the NIC's circuit board or printed on a sticker attached to the NIC. Traditional MAC addresses are 48 bits long, contain two parts, and are written as hexadecimal numbers separated by colons, e.g. 00:60:8C:00:54:99. The first 24 bits (00:60:8C here) are the OUI (Organizationally Unique Identifier), also called the Block ID or Company ID, and identify the NIC's manufacturer; the last 24 bits are assigned by that manufacturer to identify the individual NIC. A manufacturer's OUI is assigned by the Institute of Electrical and Electronics Engineers (IEEE).
PAT
Port Address Translation assigns a separate TCP (or UDP) port number to each ongoing conversation, or session, between a local host and an Internet host passing through a gateway. Because every private host shares the gateway's single public IP address, the translated port number is what lets the gateway determine which local host a returning packet belongs to.
Address translation
The process in which a gateway device substitutes its own public IP address for the private IP address in outgoing packets (and restores the private address on the replies).
Unicast Address
Specifies a single node on a network.
Dynamic IP Addresses
Static IP addresses are manually assigned by the network admin, whereas dynamic IP addresses are automatically assigned by a DHCP server each time a computer connects to the network. Because it is unmanageable to keep up with static IP address assignments on a large network, most network admins choose dynamic IP addressing.
SNAT (variation of NAT)
Static Network Address Translation: the gateway assigns the same public IP address to a given host each time that host makes a request to access the Internet. Good for home Internet with few computers. (Note that in firewall software such as iptables the abbreviations SNAT and DNAT mean Source NAT and Destination NAT instead, so check which meaning a document intends.)
DNS Server Software
What software can you run to provide a DNS name server and DNS database? BIND (Berkeley Internet Name Domain) is the most popular DNS server software; it is free and open source.
Tunneling
When a network runs both IPv4 and IPv6 it is considered dual stacked. Tunneling carries IPv6 packets across an IPv4-only network by encapsulating them inside IPv4 packets. Three tunneling protocols: 6to4, ISATAP (Intra-Site Automatic Tunnel Addressing Protocol), and Teredo.
DNS Zone Transfer
The primary DNS server holds the authoritative DNS database for an organization. When a secondary DNS server needs to update its copy of that database, it requests an update from the primary server; this process is called a zone transfer. Caching-only DNS servers do not participate in zone transfers, which helps reduce traffic on the slow Internet links where these servers are often used. Because a zone transfer hands over every record in the zone, the primary should be configured to allow transfers only from its own secondaries.
DHCP reservation
When a client, such as a network printer, needs the same IP address every time, you can create a DHCP reservation that ties a fixed address to the client's MAC address. The client still uses DHCP but always receives the reserved address.
Split DNS/Split-horizon DNS
Internal and external DNS queries are split, either by using different DNS servers for each or by configuring a single DNS server to keep the internal and external DNS zones separate.
Link local unicast address
Used to communicate with nodes on the same link. Similar to APIPA addresses in IPv4. Link-local addresses (FE80::/10) are not routable on the Internet.
PrivateIP/PublicIP
Class A, B, and C licensed IP addresses are available for use on the Internet, so they are called public IP addresses. A company can use private IP addresses on its private networks. The IETF (in RFC 1918) reserves the following ranges for private networks: 10.0.0.0 through 10.255.255.255, 172.16.0.0 through 172.31.255.255, and 192.168.0.0 through 192.168.255.255. Private addresses are not routed on the Internet, so a gateway must translate them (NAT) before traffic leaves the network.
Well Known Ports
0 to 1023. These are assigned by IANA to widely used, well-known protocols.
Registered Ports
1024 to 49151 can be used by network users and processes that are not considered standard processes. These ports can be registered with IANA.
Dynamic Ports
49152 to 65535 are open for use without restriction and can be assigned by a client or server as the need arises.
How is namespace data organized
A (Address) record, AAAA (Address) record, CNAME (Canonical Name) record, PTR (Pointer) record, MX (Mail Exchanger) record
Subnet mask
A 32-bit number that helps one computer find another. Its bits indicate which portion of an IP address is the network portion (mask bits set to 1) and which is the host portion (mask bits set to 0). By applying the mask, a computer can tell whether another computer with a given IP address is on its own network or on a different one.
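As an added example (not part of the original notes), the masking computation in Python, assuming the mask is given in dotted-decimal form as on this page. It separates the network and host portions, derives the broadcast address and usable host count, performs the same-network check, and rejects a non-contiguous mask such as 255.0.255.0, which operating systems also refuse.

```python
import ipaddress


def mask_to_prefix(mask: str) -> int:
    """Convert a dotted-decimal subnet mask to its CIDR prefix length.

    A valid mask is a run of 1 bits followed by 0 bits; anything else is rejected.
    """
    bits = int(ipaddress.IPv4Address(mask))
    prefix = bin(bits).count("1")
    if bits != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def is_valid_mask(mask: str) -> bool:
    try:
        mask_to_prefix(mask)
        return True
    except ValueError:
        return False


def split_address(ip: str, mask: str) -> dict:
    """Apply the mask: 1 bits select the network portion, 0 bits the host portion."""
    addr = int(ipaddress.IPv4Address(ip))
    m = int(ipaddress.IPv4Address(mask))
    prefix = mask_to_prefix(mask)
    host_mask = ~m & 0xFFFFFFFF
    network = addr & m
    return {
        "prefix": prefix,
        "network": str(ipaddress.IPv4Address(network)),
        "host_part": addr & host_mask,                     # the host bits as a plain number
        "broadcast": str(ipaddress.IPv4Address(network | host_mask)),
        "usable_hosts": max(2 ** (32 - prefix) - 2, 0),  # minus the network and broadcast addresses
    }


def same_network(ip_a: str, ip_b: str, mask: str) -> bool:
    """Two hosts are on the same network exactly when their network portions match."""
    m = int(ipaddress.IPv4Address(mask))
    a = int(ipaddress.IPv4Address(ip_a))
    b = int(ipaddress.IPv4Address(ip_b))
    return (a & m) == (b & m)


if __name__ == "__main__":
    print(split_address("192.168.1.10", "255.255.255.0"))
    # Same /24 mask puts these on different networks; a /23 mask joins them.
    print(same_network("192.168.2.10", "192.168.3.10", "255.255.255.0"))
    print(same_network("192.168.2.10", "192.168.3.10", "255.255.254.0"))
```

The last two calls show why the mask, not the address alone, decides reachability: 192.168.2.10 and 192.168.3.10 are on different networks under 255.255.255.0 but on the same network under 255.255.254.0.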
DNS resolvers
A DNS client that requests information from DNS name servers. Resolver steps for looking up www.mdc.edu:
1. The resolver searches its local DNS cache (for previously visited hosts). If the name is not cached...
2. It sends a recursive query to its local DNS name server (in the book's example, Cengage's name server), which in turn queries a root server for the name servers responsible for the .edu TLD.
3. The local name server sends the query to a TLD server responsible for .edu, and the TLD server responds with the IP address of the mdc.edu authoritative name server.
4. The local name server sends the query to the mdc.edu authoritative name server, which responds with the IP address of the www.mdc.edu host.
5. The local name server responds to the client resolver with the requested IP address, and both the local name server and the client computer store the answer in their DNS caches so they don't need to ask again.
Dynamic IP Address
A changing address that is leased from a DHCP (Dynamic Host Configuration Protocol) server.
Gateway
A computer, router, or other device that a host uses to access another network. The default gateway is the gateway device that nodes on the network turn to first for access to the outside world.
Firewall
A device, either a router or a computer running special software, that selectively filters or blocks traffic between networks. Firewalls are porous: they always let some traffic through; the question is what kind of traffic.
Hosts file
A text file on the local computer that maps host names to IP addresses and is consulted before DNS is queried. Web site developers sometimes use the hosts file to assign a host name to a new web site so the site can be tested on a local network before it is deployed to the Internet.
Private Port
A port number assigned by a network admin that differs from the well-known port number for that service. For example, an admin might assign a port other than 80 to a web server on the Internet so that a small group can test a site before it is made available to the public. (An unusual port hides a service only from casual browsing; a port scan will still find it.)
Transport layer addressing [2]
A port number identifies one application among the several that might be running on a host; the Transport layer uses it to deliver data to the right application. Example: a web server is usually configured to listen for incoming requests at port 80.
Active Directory
A server running Active Directory Domain Services (AD DS) is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain network, assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs in to a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or a normal user. It also provides centralized management and storage of directory information, authentication and authorization mechanisms, and a framework for deploying other related services.
Subnet
A smaller network within a larger network.
nslookup
Allows you to query the DNS database from any computer on a network, to find the host name of a device by specifying its IP address, or vice versa.
Useful for verifying that a host is configured correctly or for troubleshooting DNS resolution problems.
Reverse DNS lookup: to find the host name of a device whose IP address you know.
Interactive mode: to enable this, simply press Enter after typing nslookup.
AAAA (Address) record
Also called a quad-A record. Holds the name-to-address mapping for a host, but the address is an IPv6 address.
Network Layer addressing [3]
An IP address is assigned to every interface (a network connection made by a node or host on a network). If an IP address is public on the Internet, it can be used to find that host anywhere on the globe. Both IPv4 and IPv6 are used on the Internet currently.
Class D
Not available for general use. Class D addresses begin with a first octet of 224 through 239 and are used for multicasting.
Global unicast address
Can be routed on the Internet and are similar to public IPv4 addresses. Most global unicast addresses begin with 2000::/3, although more are being released. Within the 64-bit network prefix, the last 16 bits are called the subnet ID and can be used to identify a subnet on a large corporate network; the remaining 64 bits of the address are the interface ID.
Anycast address
Can identify multiple destinations, with packets delivered to the closest destination
CNAME record
Canonical Name record: holds an alias (alternative name) for a host and points it to the host's canonical name.
IPv4 addresses are divided into 5 classes
Class A, Class B, Class C, Class D, and Class E
Socket
Consists of a host's IP address and the port number of an application running on the host. A colon separates the two values. Example: 10.43.3.87:23
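An added example (not from the original notes) that parses socket notation and names the IANA port range described under Well Known, Registered, and Dynamic Ports above. Because IPv6 addresses contain colons themselves, the parser requires them in brackets ([2001:db8::1]:443) and rejects an unbracketed IPv6 socket as ambiguous; the address and port values are constructed for the example.

```python
import ipaddress
from typing import Tuple


def port_range(port: int) -> str:
    """Name the IANA range a port number falls in."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"


def parse_socket(text: str) -> Tuple[str, int]:
    """Split 'address:port' into (address, port).

    IPv6 addresses must be bracketed, e.g. [2001:db8::1]:443; an unbracketed
    IPv6 socket has several colons and is rejected rather than guessed at.
    """
    text = text.strip()
    if text.startswith("["):
        end = text.find("]")
        if end == -1 or text[end + 1:end + 2] != ":":
            raise ValueError(f"malformed bracketed socket: {text!r}")
        host, port_text = text[1:end], text[end + 2:]
    else:
        if text.count(":") != 1:
            raise ValueError(f"expected exactly one ':' (bracket IPv6 addresses): {text!r}")
        host, port_text = text.split(":")
    address = ipaddress.ip_address(host)   # ValueError if not a valid IPv4 or IPv6 address
    if not port_text.isdigit():
        raise ValueError(f"port is not a number: {port_text!r}")
    port = int(port_text)
    port_range(port)                       # ValueError if outside 0..65535
    return str(address), port


def is_valid_socket(text: str) -> bool:
    try:
        parse_socket(text)
        return True
    except ValueError:
        return False


def describe_socket(text: str) -> str:
    address, port = parse_socket(text)
    return f"{address} port {port} ({port_range(port)})"


if __name__ == "__main__":
    print(describe_socket("10.43.3.87:23"))
    print(describe_socket("[2001:db8::1]:443"))
    print(is_valid_socket("2001:db8::1:443"))   # False: unbracketed IPv6 is ambiguous
```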
0.0.0.0
Currently unassigned; also used as the source address by a host that does not yet have an address (for example, while it requests one from DHCP).
DNS Zones
DNS follows a distributed database model: the data is spread over thousands of servers, so DNS will not fail catastrophically if one or a handful of servers experience errors. DNS zones: organizations are responsible for providing and maintaining their own authoritative DNS servers for public access. Every organization should have an authoritative name server and possibly several caching-only name servers.
DNS name servers
DNS servers hold the databases (where computer names and their IP addresses are stored), which are organized in a hierarchical structure. At the root level, 13 clusters of root servers hold the information used to locate top-level domain (TLD) servers. TLD servers hold information about authoritative servers. Authoritative servers are the authority on computer names and their IP addresses for the computers in their domains.
DNS
Domain Name System, designed to associate computer names with IP addresses. DNS is an Application layer client-server system of computers and databases made up of three elements: namespace, name servers, and resolvers.
DDNS
Dynamic DNS. Suppose you want to host a web server and web site at home, but you don't maintain a DNS name server and you don't lease a static IP address from your ISP. How can name resolution to your web site work without a DNS server and a static IP address? The solution is to use a Dynamic DNS provider to manage dynamic updates to the DNS records for your domain name. DDNS client software monitors the IP address dynamically assigned to your home network by your ISP and reports address changes to the DDNS service, which automatically updates the DNS records. Home routers sometimes provide this monitoring software embedded in the router firmware.
DHCP
Dynamic Host Configuration Protocol
Port Numbers
Ensure data is transmitted to the correct application.
Application layer addressing [1]
Every host on a network is assigned a unique character-based name called the FQDN (fully qualified domain name), for example jon.mycompany.com, ftp.mycompany.com, and www.mycompany.com. The last two parts of such a name, mycompany.com, are the domain name. The first part (jon, ftp, or www) is the host name, which identifies the individual computer on the network: ftp is a host name given to an FTP server and www is a host name assigned to a computer running a web server. The FQDN is sometimes called the computer name.
IPv4
IPv4 (Internet Protocol version 4) addresses are 32 bits long and are written as four decimal numbers called octets, separated by periods. Example: 92.106.50.200
IPv6
IPv6 (Internet Protocol version 6) addresses are 128 bits long and are written as eight blocks of hexadecimal numbers separated by colons. Example: 2001:0DB8:0B80:0000:0000:00D3:9C5A:00CC. Leading zeros in a block can be dropped and one run of consecutive all-zero blocks can be replaced by ::, so the example can also be written 2001:DB8:B80::D3:9C5A:CC. A link-local IPv6 address may be followed by a % sign and a number; the number is called the zone ID or scope ID and identifies the link (interface) the computer uses to reach that address.
MX (Mail Exchanger) record
Identifies the mail server(s) that accept email for a domain and is used to route email traffic. Each MX record carries a preference value; the server with the lowest value is tried first.
APIPA/DHCP
If a computer configured to use DHCP (Dynamic Host Configuration Protocol) connects to the network and is unable to lease an IPv4 address from a DHCP server, it assigns itself an Automatic Private IP Addressing (APIPA) address in the range 169.254.0.1 through 169.254.255.254. An APIPA address lets the computer talk to other hosts on the same local network but not beyond it.
127.0.0.1
Indicates your own computer and is called the loopback address
ICMP
Internet Control Message Protocol, the protocol that carries ping's echo request/reply messages as well as error messages and information about the network.
Class A
The first octet is the network portion and ranges from 1 to 126; the remaining three octets identify the host. About 126 possible network licenses.
Class B
The first octet ranges from 128 to 191; the first two octets are the network portion and the last two identify the host. About 16,000 possible network licenses.
Class C
The first octet ranges from 192 to 223; the first three octets are the network portion and the last octet identifies the host. About 2 million possible network licenses.
Types of DNS requests
Iterative: a query that a local name server issues to other name servers. An iterative query does not demand a resolution; the other server provides the information only if it has it (or refers the querier to a server that might). Recursive: a query that demands either a resolution or the answer "it can't be found". Example: the initial request the resolver makes to its local name server is a recursive query.
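An added example, not from the original notes, that models the resolver steps listed under DNS resolvers above together with the iterative/recursive distinction. The three name servers and their addresses (root, a .edu TLD server at 192.0.2.1, an mdc.edu authoritative server at 198.51.100.1, and www.mdc.edu at 203.0.113.10) are constructed from documentation address ranges and are not real servers. The client issues one recursive query to its local name server; the local name server does the iterative walk, caches the answer, and returns None when the name cannot be found.

```python
from typing import Dict, List, Optional, Tuple


class NameServer:
    """One server in the hierarchy. It answers only from its own data: an exact
    answer, a referral to the server delegated a more specific zone, or nothing."""

    def __init__(self, answers: Dict[str, str], referrals: Dict[str, str]):
        self.answers = answers        # FQDN -> IPv4 address this server is authoritative for
        self.referrals = referrals    # zone name -> address of the server delegated that zone

    def iterative_query(self, qname: str) -> Tuple[str, Optional[str]]:
        """Iterative: return what is known; never chase the answer on the asker's behalf."""
        if qname in self.answers:
            return ("answer", self.answers[qname])
        for zone, ns_address in self.referrals.items():
            if qname == zone or qname.endswith("." + zone):
                return ("referral", ns_address)
        return ("nxdomain", None)


# Constructed hierarchy: root -> .edu TLD server -> mdc.edu authoritative server.
SERVERS: Dict[str, NameServer] = {
    "root": NameServer({}, {"edu": "192.0.2.1"}),
    "192.0.2.1": NameServer({}, {"mdc.edu": "198.51.100.1"}),
    "198.51.100.1": NameServer({"www.mdc.edu": "203.0.113.10"}, {}),
}


class LocalNameServer:
    """The client's local name server: accepts a recursive query and performs the
    iterative walk root -> TLD -> authoritative on the client's behalf."""

    def __init__(self, servers: Dict[str, NameServer], max_referrals: int = 8):
        self.servers = servers
        self.cache: Dict[str, str] = {}
        self.max_referrals = max_referrals

    def recursive_query(self, qname: str) -> Tuple[Optional[str], List[str]]:
        """Return (address or None, trace of the servers consulted)."""
        trace: List[str] = []
        if qname in self.cache:
            trace.append("cache")
            return self.cache[qname], trace
        current = "root"
        for _ in range(self.max_referrals):   # bound the walk so a looping delegation cannot hang us
            kind, data = self.servers[current].iterative_query(qname)
            trace.append(f"{current}:{kind}")
            if kind == "answer":
                self.cache[qname] = data
                return data, trace
            if kind == "nxdomain" or data not in self.servers:
                return None, trace            # "it can't be found" (or a dead referral)
            current = data
        return None, trace


if __name__ == "__main__":
    local = LocalNameServer(SERVERS)
    print(local.recursive_query("www.mdc.edu"))   # walks three servers
    print(local.recursive_query("www.mdc.edu"))   # answered from cache
    print(local.recursive_query("ftp.mdc.edu"))   # authoritative server says it does not exist
```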
IPv6 Terminology
Link (sometimes called local link): any LAN bounded by routers.
Interface: a node's attachment to a link.
Tunneling: a method used to transport IPv6 packets through or over an IPv4 network.
Interface ID: the last 64 bits (four blocks) of an IPv6 address, which identify the interface.
Neighbors: two or more nodes on the same link.
Data Link layer addressing [4]
The MAC address (physical address) is embedded in every NIC on the globe and is assumed to be unique to that NIC. Nodes on a LAN find each other using their MAC addresses. However, MAC addresses are not used to find nodes on networks other than the local network.
NAT
Network Address Translation is a technique designed to conserve the number of public IP addresses needed by a network.
Class E
Not available for general use. Class E addresses begin with a first octet of 240 through 254 and are reserved for research. The block of addresses that begin with 127 is reserved for loopback addresses.
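An added example (not from the original notes) that turns the address facts on this page into one classifier: the five classes and the default mask each class implies (Class A, B, C, D, E), the RFC 1918 private ranges (PrivateIP/PublicIP), the APIPA range, the loopback block, the limited broadcast address and 0.0.0.0. The test addresses are constructed. Note that the standard library's ipaddress.is_private is broader than RFC 1918 (it also counts loopback, APIPA and other reserved blocks), which is why the ranges are spelled out here.

```python
import ipaddress

PRIVATE_BLOCKS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
APIPA_BLOCK = ipaddress.ip_network("169.254.0.0/16")
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def classify_ipv4(text: str) -> dict:
    """Return the class, the default mask that class implies, and the address's role."""
    addr = ipaddress.IPv4Address(text)   # ValueError on anything that is not an IPv4 address
    first = int(addr) >> 24              # the first octet decides the class

    if addr == LIMITED_BROADCAST:
        return {"class": "E", "default_mask": None, "role": "limited broadcast"}
    if first == 0:
        return {"class": "A", "default_mask": "255.0.0.0", "role": "unspecified (0.0.0.0 block)"}
    if first == 127:
        return {"class": "A", "default_mask": "255.0.0.0", "role": "loopback"}
    if 224 <= first <= 239:
        return {"class": "D", "default_mask": None, "role": "multicast"}
    if first >= 240:
        return {"class": "E", "default_mask": None, "role": "reserved"}

    if first <= 126:
        cls, mask = "A", "255.0.0.0"
    elif first <= 191:
        cls, mask = "B", "255.255.0.0"
    else:
        cls, mask = "C", "255.255.255.0"

    if addr in APIPA_BLOCK:
        role = "APIPA (no DHCP lease)"
    elif any(addr in block for block in PRIVATE_BLOCKS):
        role = "private (RFC 1918)"
    else:
        role = "public"
    return {"class": cls, "default_mask": mask, "role": role}


def is_routable_on_internet(text: str) -> bool:
    """Only public unicast addresses may appear as a source on the Internet;
    everything else must be translated (NAT) or dropped at the border."""
    return classify_ipv4(text)["role"] == "public"


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.32.0.1", "169.254.1.9", "127.0.0.1", "224.0.0.1", "8.8.8.8"):
        print(sample, classify_ipv4(sample))
```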
Multicasting
One host sends messages to multiple hosts such as when a host transmits a videoconference over the internet.
ping
Packet Internet Groper (a backronym). Used to verify that TCP/IP is installed, bound to the NIC, configured correctly, and communicating with the network. ping sends an ICMP echo request and waits for an echo reply. For IPv6 use ping6 or ping -6.
Multicast address
Packets are delivered to all nodes that have joined the multicast group (not to every node on the network, which is what a broadcast does).
Static IP
Permanent IP address
IPv6 Autoconfiguration Steps
Step 1: The computer creates its IPv6 link-local address. It uses FE80::/64 as the first 64 bits; the last 64 bits (the interface ID) can be generated in two ways: randomly, or from the network adapter's MAC address (EUI-64).
Step 2: The computer checks that its IP address is unique on the network (duplicate address detection).
Step 3: The computer asks whether a router on the network can provide configuration information. If a router responds, the computer uses whatever information it supplies, such as the IP addresses of DNS servers or the network prefix. If the network prefix is supplied, it becomes the first 64 bits of the computer's routable address. This process is called prefix discovery.
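An added example, not part of the original notes, that carries out Step 1 and Step 3 above and also decodes the MAC address structure described under MAC Addresses: the OUI and device halves, the multicast and locally-administered flag bits, the modified EUI-64 interface ID (insert FF:FE, flip the U/L bit), the random alternative, and the combination of a /64 prefix with the interface ID. The MAC 00:60:8C:00:54:99 is the page's own example; the router-advertised prefix 2001:db8:abcd:12::/64 is a constructed documentation prefix. Duplicate address detection (Step 2) needs a live link and is not simulated.

```python
import ipaddress
import os


def parse_mac(mac: str) -> bytes:
    """Accept 00:60:8C:00:54:99, 00-60-8C-00-54-99 or 00608C005499 and return 6 bytes."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(digits)   # ValueError on non-hex characters


def mac_info(mac: str) -> dict:
    """Split the two halves of a MAC and decode the two flag bits in its first octet."""
    b = parse_mac(mac)
    return {
        "oui": b[:3].hex().upper(),                  # first 24 bits: IEEE-assigned manufacturer ID
        "device_id": b[3:].hex().upper(),            # last 24 bits: assigned by that manufacturer
        "multicast": bool(b[0] & 0x01),              # I/G bit set: a group address, never a NIC
        "locally_administered": bool(b[0] & 0x02),   # U/L bit set: admin-assigned, not burned in
    }


def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64: insert FF:FE between the two halves and flip the U/L bit."""
    b = parse_mac(mac)
    iid = bytearray(b[:3] + b"\xff\xfe" + b[3:])
    iid[0] ^= 0x02
    return bytes(iid)


def random_interface_id() -> bytes:
    """The privacy alternative: 64 random bits with the U/L bit cleared, so the
    result cannot be mistaken for an ID derived from a real MAC."""
    iid = bytearray(os.urandom(8))
    iid[0] &= 0xFD
    return bytes(iid)


def address_from_prefix(prefix: str, interface_id: bytes) -> str:
    """Combine a /64 prefix with an interface ID (Step 1 uses FE80::/64,
    Step 3 uses the prefix a router advertises)."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64 or len(interface_id) != 8:
        raise ValueError("autoconfiguration needs a /64 prefix and a 64-bit interface ID")
    value = int(net.network_address) | int.from_bytes(interface_id, "big")
    return str(ipaddress.IPv6Address(value))   # str() gives the compressed form


def link_local_from_mac(mac: str) -> str:
    return address_from_prefix("fe80::/64", eui64_interface_id(mac))


if __name__ == "__main__":
    mac = "00:60:8C:00:54:99"
    print(mac_info(mac))
    print(link_local_from_mac(mac))
    print(address_from_prefix("2001:db8:abcd:12::/64", eui64_interface_id(mac)))
    print(address_from_prefix("2001:db8:abcd:12::/64", random_interface_id()))
```

The EUI-64 form is convenient but it embeds the NIC's MAC, and therefore its manufacturer, in every packet the host sends; that is why current systems default to a random interface ID.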
A (Address) record
Stores the name-to-address mapping for a host. This record provides the primary function of DNS: matching host names to IPv4 addresses.
DMZ
The area between two firewalls is called the demilitarized zone. The external DNS server, which handles incoming queries from the Internet, is located there. Internal DNS requests are handled by AD's DNS server, which is kept secure from the Internet.
DNS namespace
The entire collection of computer names and their associated IP addresses stored in databases on DNS name servers around the globe.
DNAT (variation of NAT)
Dynamic Network Address Translation: the gateway has a pool of public addresses that it is free to assign to a local host when the host makes a request to access the Internet. Good for large organizations.
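An added example (not from the original notes) of the translation table behind PAT, Address translation, NAT, and the SNAT/DNAT variants above. The gateway owns one constructed public address, 203.0.113.5; it rewrites each outbound conversation to a distinct public source port, rewrites the reply back to the private host, and drops inbound packets that match no conversation. The private hosts 192.168.1.10 and 192.168.1.11 deliberately use the same source port so the demultiplexing role of the translated port is visible.

```python
import itertools
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PatGateway:
    """Port Address Translation: many private hosts share one public IP address, and
    each conversation gets its own public source port so replies can be demultiplexed."""

    def __init__(self, public_ip: str, first_port: int = 49152):
        self.public_ip = public_ip
        self._next_port = itertools.count(first_port)       # dynamic range, one port per flow
        # (private_ip, private_port, dst_ip, dst_port) -> public port
        self.table: Dict[Tuple[str, int, str, int], int] = {}
        # (public port, dst_ip, dst_port) -> (private_ip, private_port)
        self._reverse: Dict[Tuple[int, str, int], Tuple[str, int]] = {}

    def outbound(self, pkt: Packet) -> Packet:
        """Packet leaving the LAN: substitute the public address and a translated port."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.table:
            public_port = next(self._next_port)
            if public_port > 65535:
                raise RuntimeError("translation port pool exhausted")
            self.table[key] = public_port
            self._reverse[(public_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, self.table[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Packet arriving from the Internet: restore the private destination, or drop it."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self._reverse.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if entry is None:
            return None     # no conversation matches: unsolicited inbound traffic is dropped
        private_ip, private_port = entry
        return Packet(pkt.src_ip, pkt.src_port, private_ip, private_port)


if __name__ == "__main__":
    gw = PatGateway("203.0.113.5")
    a = gw.outbound(Packet("192.168.1.10", 40000, "198.51.100.7", 80))
    b = gw.outbound(Packet("192.168.1.11", 40000, "198.51.100.7", 80))
    print(a, b)                                               # same public IP, ports 49152 and 49153
    print(gw.inbound(Packet("198.51.100.7", 80, "203.0.113.5", b.src_port)))   # back to .11:40000
    print(gw.inbound(Packet("198.51.100.7", 80, "203.0.113.5", 49999)))        # None: dropped
```

The drop of unmatched inbound packets is a side effect of the table, not a security policy; a NAT gateway is not a substitute for a firewall, and anything the gateway is configured to forward (port forwarding, static mappings) is exposed just as if it were public.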
Name resolution
The process of discovering the IP address of a host when you know the FQDN.
Open Source
The term for software whose code is publicly available for use and modification.
DNS servers
These servers are responsible for tracking computer names and their IP addresses. When you enter a computer name such as www.cengage.com in your browser address box, a DNS server is needed to find the IP address of that host.
Host Name/Domain Names
These were created because character-based names are easier to remember than numeric IP addresses. Recall that an FQDN is a host name and a domain name together, such as www.cengage.com; the last part of an FQDN, .com, is called the top-level domain (TLD).
How do you register a Domain name?
A domain name can be registered through a registrar, an Internet naming authority that works on behalf of ICANN.
TLD
Top level domain or last part of an FQDN example .COM, .EDU, .GOV
ifconfig
UNIX and Linux based. ifconfig -a displays TCP/IP information for all interfaces. (On current Linux distributions ifconfig is deprecated in favor of the ip command, e.g. ip addr.)
IPv6 Addressing classifications
Unicast address Multicast address Anycast address
255.255.255.255
Used for broadcast messages by TCP/IP background processes; a broadcast message is read by every node on the local network.
PTR (Pointer) record
Used for reverse lookups to provide a host name when you know its IP address.
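An added example, not from the original notes, that ties together the record types defined on this page (A, AAAA, CNAME, MX, PTR) with the Split DNS/Split-horizon DNS and DMZ entries: the client's source address selects an internal or external view of a constructed zone for a fictional example.com, A/AAAA lookups follow a CNAME chain to the canonical name, and reverse lookups build the in-addr.arpa or ip6.arpa name a PTR query uses. The addresses and record data are constructed from documentation ranges.

```python
import ipaddress
from typing import Dict, List, Tuple

INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

Zone = Dict[Tuple[str, str], List[str]]   # (name, record type) -> record data

# Constructed zone data: the same names answer differently inside and outside.
VIEWS: Dict[str, Zone] = {
    "internal": {
        ("www.example.com", "A"): ["10.0.0.80"],
        ("intranet.example.com", "A"): ["10.0.0.20"],
        ("example.com", "MX"): ["10 mx1.example.com"],
        ("mx1.example.com", "A"): ["10.0.0.25"],
        ("20.0.0.10.in-addr.arpa", "PTR"): ["intranet.example.com"],
    },
    "external": {
        ("www.example.com", "CNAME"): ["web.example.com"],
        ("web.example.com", "A"): ["203.0.113.80"],
        ("web.example.com", "AAAA"): ["2001:db8::80"],
        ("example.com", "MX"): ["10 mx1.example.com"],
        ("mx1.example.com", "A"): ["203.0.113.25"],
    },
}


def select_view(client_ip: str) -> str:
    """Split horizon: the client's source address decides which zone data it sees.
    Internal names such as intranet.example.com never exist in the external view."""
    addr = ipaddress.ip_address(client_ip)
    return "internal" if any(addr in net for net in INTERNAL_NETWORKS) else "external"


def reverse_name(ip: str) -> str:
    """Build the name a PTR query asks for: reversed octets under in-addr.arpa for
    IPv4, reversed hex nibbles of the full address under ip6.arpa for IPv6."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def lookup(zone: Zone, name: str, rtype: str, max_chain: int = 8) -> List[str]:
    """Answer a query from one view, following a CNAME chain to the canonical name."""
    for _ in range(max_chain):
        if (name, rtype) in zone:
            return zone[(name, rtype)]
        alias = zone.get((name, "CNAME"))
        if alias is None or rtype == "CNAME":
            return []
        name = alias[0]
    return []   # chain too long or looping: refuse rather than spin


def answer(client_ip: str, name: str, rtype: str) -> List[str]:
    return lookup(VIEWS[select_view(client_ip)], name, rtype)


def reverse_lookup(client_ip: str, ip: str) -> List[str]:
    return answer(client_ip, reverse_name(ip), "PTR")


if __name__ == "__main__":
    print(answer("10.1.1.5", "www.example.com", "A"))          # internal view: 10.0.0.80
    print(answer("198.51.100.9", "www.example.com", "A"))      # external view via CNAME: 203.0.113.80
    print(answer("198.51.100.9", "intranet.example.com", "A"))  # []: not visible outside
    print(reverse_name("10.0.0.20"), reverse_lookup("10.1.1.5", "10.0.0.20"))
```

Keeping the internal view on a server that Internet clients cannot reach (the AD-integrated server behind the inner firewall, with only the external server in the DMZ) is what makes the split meaningful; a single server that merely consults the client address still exposes the internal data if that address can be spoofed or the server is misconfigured.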
ipconfig
ipconfig /all displays TCP/IP configuration information for each network adapter.
ipconfig /release releases the IP address when dynamic IP addressing is used; this disables the computer's network communications until a new lease is obtained.
ipconfig /renew leases a new IP address, often the same one you just released.
ipconfig /flushdns clears the resolver cache, which can solve a problem when a browser can't find a host on the Internet or the cache holds stale or wrong information.