Networking Essentials - Home :: Anand Mewalal
Download
Report
Transcript Networking Essentials - Home :: Anand Mewalal
Presentation by Anand Mewalal
Training On Networking Concepts
Topics
Communication Terms
OSI Reference Model and Layered Communication
Ethernet networking
TCP/IP
IP Subnetting
Networking Terms
Networking Devices
Common Networking commands
Troubleshooting Tools and Techniques
Common Problems
Communication Terms
Protocol : For a network to work, the computers running on it need to agree on a set of rules. Such a set of rules is known as a
protocol. It is similair to a language. One person speaking in Japanese to another who cannot understand it.
Open Systems interconnection : (OSI) : When networks first came into being, computers could typically communicate only with
computers from the same manufacturer. Every Vendor has their Own protocol. For example, companies ran either a complete DECnet
solution or an IBM solution—not both together. In the late 1970s, the OSI (Open Systems Interconnection) model was created by the
International Organization for Standardization (ISO) to break this barrier. The OSI model is the primary architectural model for
networks. It describes how data and network information are communicated from applications on one computer, through the network
media, to an application on another computer. The OSI reference model breaks this approach into layers
Connection oriented Protocols : -establish a channel between the source and destination machines before any data is transmitted. The
protocol ensures that packets arrive at the receiving station in the same sequence in which they were transmitted. If a packet is lost in
transit, it is retransmitted by the source. The destination host acknowledges data sent from the source to the destination
Connectionless oriented protocols : -provide no assurance that data sent from the source will reach the destination. They provide
“best-effort” delivery. There is no guarantee that a packet will reach its destination or that it will be in order. However they require less
overhead and are generally faster than connection-oriented protocols.
Encapsulation: A layer in the OSI model provides services to the layer above it and, in turn, relies on the services provided by the
layer below it. Encapsulation is the process by which information from an upper layer of the model is inserted into the data field of a
lower layer. As a message leaves a networked station, it travels from Layer 7 to Layer 1. Data created by the application layer is passed
down to the presentation layer. The presentation layer takes the data from the application layer and adds its own header and trailer to it.
This data is then passed down to the session layer, which adds its own header and trailer and passes it down to the transport layer. The
process repeats itself until the data reaches the physical layer. The physical layer does not care about the meaning of the data. It simply
converts the data into bits and places it on the transmission media.
Decapsulation: When the data arrives at its destination, the receiving station’s physical layer picks it up and performs the reverse
process (also known as decapsulation). The physical layer converts the bits back into frames to pass on to the data link layer. The data
link layer removes its header and trailer and passes the data on to the network layer. Once again, this process repeats itself until the
data reaches all the way to the application layer.
Ethernet Networking
Ethernet networking uses what is called Carrier Sense Multiple Access with Collision Detect (CSMA/CD), which
helps devices share the bandwidth evenly without having two devices transmit at the same time on the network
medium to avoid collision of packets
When a host wants to transmit over the network, it first checks for the presence of a digital signal on the wire. If all
is clear (no other host is transmitting), the host will then proceed with its transmission. And it doesn’t stop there.
The transmitting host constantly monitors the wire to make sure no other hosts begin transmitting. If the host
detects another signal on the wire, it sends out an extended jam signal that causes all nodes on the segment to
stop sending data. The nodes respond to that jam signal by waiting a while before attempting to transmit again.
Backoff algorithms determine when the colliding stations retransmit. If after 15 tries collisions keep occurring, the
nodes attempting to transmit will then time-out.
Ethernet frames: The Data Link layer is responsible for combining bits into bytes and bytes into frames. Frames are
used at the Data Link layer to encapsulate packets handed down from the Network layer for transmission on a type
of media access.
Ethernet Frame
Preamble
8 Bytes
DA
6 Bytes
SA
6 Bytes
Type / Length
2 Bytes
Data
46 – 1500 bytes
FCS
4 Bytes
Preamble An alternating 1,0 pattern provides a 5MHz clock at the start of each packet, which allows the receiving
devices to lock the incoming bit stream. The preamble uses either an SFD (Start Field Delimiter) or synch field to
indicate to the receiving station that the data portion of the message will follow.
Frame Check Sequence (FCS) : FCS is a field at the end of the frame that is used to store the cyclic redundancy
check (CRC).
OSI Layers
Application Layer:
•Provide interface to End user
•Provides standardized services to Applications
Presentation Layer
•Specifies Architecture – Independant Data Transfer format
•Encodes and Decodes Data, compress data
Session Layer:
• Manages user Sessions
•Reports Upper layer Errors
Transport Layer
•Manages network layer connections
•Provides Reliable packet delivery mechanism
Network Layer
•Addresses and routes packets
Data Link Layer
•Frames Packets
•Controls Physical layer data flow
Physical Layer
•Interface between network medium and network devices
•Defines electrical and mechanical characteristics
Physical Layer
Physical Layer
•
Interface between network medium and network devices
•
Defines electrical and mechanical characteristics
Physical layer This layer defines connectors, wiring, and the specifications on how voltage and bits pass over the wired (or wireless) media.
Devices at this layer include repeaters, concentrators, and hubs. Devices that operate at the physical layer do not have an
understanding of paths.
Ethernet V.2 - Ethernet 50 Ohm Coax , Thin Wire 50 Ohm Coax, Broadband 75 Ohm Coax,
IEEE 802.3 (Ethernet) - 10 Base 5 Star LAN, 10 Base T (Twister Pair), 10 Base 5, 10 Base 2, 10 Base F (Fiber), 100 Base T / X, 1000
Base X (802.3), 1000 Bast T (802.3ae),
IEEE 802.11 - IEEE 802.11a (52 Mbps), IEEE 11b WLAN (upto 11 Mbps), IEEE 11g (WLAN 54 Mbps)
IEEE 802.5 (Token Ring) – Fibre optic, Shielded Twisted pair (4/16 Mbps), Unshielded twister pair (UTP 4/16)
FDDI – Fibre optic
IEEE 802.6 (MAN) – SNI (Subscriber Network interface, DSO (64 bps), DS1 – T1 (1.544 Mbps), E1 (2.048 Mbps), DS3 T3 (44.736
Mbps), E3 – 34.368 Mbps)
- Communicates to ATM, HDLC, PPP, SMDS, Frame Relay
ISDN Q921 – ISDN BRI (2b@64 kbps) / 1D@16kbps), ISDN Pri ( 30b @63kbps, 1D @64kbps, 1 OAM @64kbps)
PPP & Frame Relay Serial Interface – EIA RS232D or V.24, V.35, X.21 (V.10, V.10), RS-449, RS-530, HSSI
Data link Layer
Data Link Layer
•Frames Packets
•Controls Physical layer data flow
Data link layer This layer is concerned with the linkages and mechanisms used to move data about the network, including the topology,
such as Ethernet or Token Ring, and deals with the ways in which data is reliably transmitted. This layer is responsible for delivering
frames between network interface cards (NICs) on the same physical segment. Communication at the data link layer is generally based
on hardware addresses. The data link layer wraps data from the network layer inside a frame. Examples of data link layer protocols
include Ethernet, Token Ring, and Point-to-Point Protocol (PPP). Devices that operate at this layer include bridges and switches.
Ethernet V.2 - Ethernet Data Link Control
ATM Layer ( Asynchronous Transfer Mode) – ATM Adaption layer (AAL1, AAL2, AAL3/4 & AAL 5)
Frame Relay – Link Access procedure for frame mode bearer service LAPF
IEEE 802.2 - SNAP (Sub Network Access Protocol) – Type 1 (Connectionless service ) – IEEE 802.3 CSMA/CD Media Access Ctrl,
IEEE 802.11 WLAN Direct Sequence)
Type 2 (Connection Service) – IEEE 802.5 (Token Passing Ring)
Type 3 (ACK w/ Connectionless Service) – IEEE802.6 (MAN)
Internetwork- Virtual LAN – IEEE Protocol - 802.1Q VLAN Tagging, GVRP, GMRP
HDLC – Serial Interfaces
PPP – Serial interaces
SMDS (Switched Multi Megabit Data Service)-SMDS interface protocol
Frame Relay – Link Access procedure for frame mode bearer service LAPF
Upper layer protocol Communication: ARP / RARP, IP, IPX (Novell), NetBEUI (IBM)
Cisco Protocols: CDP (Cisco Discover protocol), CGMP (Cisco group Management Protocol) – This is on DLL itself
Network Layer
Network Layer
•Addresses and routes packets
Network layer This layer is responsible for addressing and delivering packets from the source node to the destination node. This is the
layer on which routing takes place. It defines the processes used to route data across the network and the structure and use of logical
addressing. The network layer takes data from the transport layer and wraps it inside a packet or datagram. Logical network addresses are
generally assigned to nodes at this layer. Examples of network layer protocols include IP and IPX.
IP (Internet Protocol) – ICMP (Internet Control messaging Protocol), SLIP (Serial Line IP), CSLIP (Compressed SLIP),
IP Based Routing Protocols – EGP (Exterior based protocol), NHRP (Next hop routing protocol), GGP (gateway to Gateway Protocol),
OSPF (Open shortest path first), RSVP (Resource reservation protocol), VRRP (Virtual router redundancy protocol)
Cisco protocols – IGRP (Interior gateway routing protocol, EIGRP (enhanced IGRP)
VPN Tunnelling – IPSEC (Internet IP Security), IP in IP (IP Encapsulation in IP), SCTP (Stream Control Transmission Protocol), GRE
(Generic Routing Protocol – This communicates to upper layer protocol PPTP
Upper layer Communication: TCP , UDP
IPX ( Internet Packet Exchange) – RIP (Routing information Protocol, NLSP (Netware Link State protocol)
Upper layer Communication: SPX, SAP Service Access Point, NCP, Burst Mode
IGMP – Internet Group Management protocol
Frame relay – Q933, SVC, LMI CLLM
Transport layer
Transport Layer
•Manages network layer connections
•Provides Reliable packet delivery mechanism
Transport layer This layer provides reliable transmission of data segments, as well as the disassembly and assembly of the data before
and after transmission. Port or socket numbers are used to identify these unique processes. Examples of transport layer protocols include
Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Sequence Packet Exchange (SPX).
TCP (Transmission Control Protocol) – It Communicates with Netbios, DSI, SMB, MSRPC, SSL, TLS, LDAP, TCP/IP Services (HTTP,
Https, FTP, Gopher, POP3, Telnet, NNTP), Xwindow, HP network Services, LDP, LPP, Runix, RPC, DNS, Cisco Routing Protocol TCP Based
UDP (User Datagram Protocol) - It communicates with Muticast Routing protocols, Routing protocols UDP Based, UDP/IP Datagram
Protocol Services, DNS, RUNIX (Remote Unix), LDP, SNMP, RPC, Cisco HSRP – Hot Standby Router
VPN Tunnelling : PPTP (Point to Point Tunnelling Protocol, L2TP (Layer 2 Tunelling Protocol), L2FP (Layet2 Forwarding protocol). It
Communicates to PPP, SLIP, and Radius Remote Authentication / Kerberos
Session layer
Session Layer:
• Manages user Sessions
•Reports Upper layer Errors
Session layer The session layer establishes, maintains, and manages the communication session between
end systems. The session layer protocol is often unused in many protocols. Examples of session layer protocols are LDAP ( Lightweight
Directory Access protocol), SSL, Secure Socket layer, TLS (Transport layer Protocol), RPC (Remote procedure call), RTP
Presentation Layer
Presentation Layer
•Specifies Architecture – Independant Data Transfer format
•Encodes and Decodes Data, compress data
Presentation layer This layer is responsible for data presentation, encryption, and compression. I.e. data representation and code
formatting.
TCP Services – Http (Hyper text transfer protocol), Https (Http secure), FTP (File Transfer protocol), Gopher, POP3 (Post office
protocol), Telnet (Virtual terminal), NNTP (Network News Transfer protocol),
Other protocols: LPP (lightweight Presentation protocol, DNS (Domain name Service) SNMP (Simple Network management Protocol,
NetBIOS, Citrix ICA, NCP (Netware Core protocol) Netware 5.0
Application Layer
Application Layer:
•Provide interface to End user
•Provides standardized services to Applications
Application layer This topmost layer of the OSI model is responsible for managing communications between network applications. This layer
is not the application itself, although some applications may perform application layer functions. In other words, programs such as Microsoft
Word or Corel are not at this layer, but browsers, FTP clients, and mail clients are.
Muticast Routing Protocols IP Based - Multicast OSPF, DVMRP (Distance vector Multicast Routing Protocol, PGM (Pragmatic General
Multicast Protocol), PIM (Protocol Independent Muticast), IGMP (Internet Group Management protocol)
Routing protocols TCP Based – MSDP (Multicast source discovery Protocol), BGP (Border gateway Protocol), MBGP (Multi Protocol
BGP, DCAP (Data link Switching Client Access protocol)
Routing Protocol UDP Based – DHCP (Dynamic host Configuration protocol), Bootp (Bootstrap protocol), NTP ( Network time
protocol), TFTP (Trival File transfer protocol), ICP (Internet Cache protocol), RUDP (Reliable Udp), GDP (gateway Discovery
Protocol), RIP,
Other Protocols; SMTP (Simple Mail transfer Protocol), IMAP Internet Message Access protocol), Xwindow System (X10/X11), HP
Network Service, RUNIX remote Service, Sun Network Service, ND (Network Disk),
Cisco Protocols – CISCO HSRP (Hot Standby router – UDP Based), Cisco STUN, RSRB, XOT (TCP based)
Microsoft Application Services – WINS, Browser, Netlogon, Spoolss, Exchange,
Citix Application Service – ICA Browser
Novell Application Service – DHCP, NDS (Network Directory Services)
There are many protocols related to VOIP, ORACLE, IBM, Storage…. Which could not be covered in this topic
Rough
The IEEE (Institute of Electrical and Electronics Engineers) 802 Specifications zoom in on the lower layers of the OSI Reference Model. The 802 Project was
started in February 1980, hence the name. The 802 specs have 12 categories covering network topologies, interface cards, and connections:
•802.1 Internetworking.
•802.2 LLC (Logical Link Control).
•802.3 Ethernet LANs (Local Area Network), i.e. CSMA/CD (CarrierSense Multiple Access with Collision Detection) or 10BASE-T. See
also my definition of Ethernet.
Protocol Data Unit
Application
- Data
•802.3z 1000BASE-T or gigabit Ethernet.
Presentation
- Data
Session
- Data
Transport
- Segment
•802.7 Broadband Technical Advisory Group.
Network
- Packet
•802.8 Fiber Optic Technical Advisory Group.
Data Link
- Frame
•802.9 Integrated Voice and Data Networks.
Physical
- Bits
•802.4 Token Bus LAN.
•802.5 Token Ring LAN. See also my definition of Token Ring.
•802.6 MAN (Metropolitan Area Network).
•802.10 Network Security.
•802.11 Wireless Networks.
•802.12 Demand Priority Access LAN, 100.
OSPF (Open Shortest Path First): Used by TCP/IP routers to determine the best path through a network.
RIP (Routing Information Protocol): Helps TCP/IP routers to use the most efficient routes to nodes on the network
ICMP (Internet Control Message Protocol): A Network layer protocol that carries control messages, such as error or confirmation messages.
TCP / IP Model
OSI Model
DOD Model
Application
Process /
Application
Presentation
Example
Protocol Data Unit
Telnet / FTP / LPD / SNMP
TFTP / NFS / SMTP / X Window
DATA
Session
Transport
Network
HOST To
HOST
Internet
TCP / UDP
SEGMENT
ICMP / BOOTP/ ARP / RARP
IP
Data Link
Physical
Network
Access
Packet
Ethernet / Fast Ethernet
Token Ring / FDDI
BITS
TCP / IP
TCP (Transmission control protocol) : developed by the Defense Advanced Research Projects Agency (DARPA), is the
most widely used routed protocol today.
The upper layers just send a data stream to the protocols in the Transport layers, TCP segments a data stream and
prepares it for the Network layer
The Network layer then routes the segments as packets through an Internetwork
TCP and UDP uses port no to communicate with upper layer.
Eg: TCP user port 21 for FTP, port 23 for telnet, port 53 for DNS
TCP Segment Format
UDP Segment Format
TCP / IP
IP (Internet protocol) - This is where the routing takes place. IP receives segments from the Host-to-Host layer and fragments
them into (packets). Each router (layer-3 device) that receives a packet makes routing decisions based upon the packet’s
destination IP address.
IP uses port 6 for TCP and port 17 for UDP
IP packet Format
IP Addressing (Subnetting)
The current IP addressing scheme (IPv4) defines an IP address as a 32-bit binary number
11000111 00011010 10101100 01010011
To make it more convenient for us, the IP address is divided into four 8-bit octets (bytes):
11000111.00011010.10101100.01010011
These octets are then converted from binary to decimal numbers (four decimal digits separated by periods):
199.26.172.83
When this number is entered into a computer, the machine automatically converts it to a 32-bit binary number, with no
regard for the individual octets or the decimals.
An IP address has two portions, a network ID and a host ID.
The network ID is shared amongst all the stations on a segment and must be unique across the entire network.
The host ID identifies a specific device (host) within a segment and must be unique on a particular segment.
Classes
When the original IP routing scheme was developed, IP addresses were divided into five classes. IP addresses most
commonly come as Class A, B, or C. Class D addresses are used for multicasting, and Class E addresses are reserved for
experimental and future use. Please note that in the table, N = Network and H = Host.
Class
Leftmost Octet
Start Bit
Leftmost octet
Last Bit
Range (First octet)
Network / Host Portion
Default Subnet mask
A
0xxxxxxx
01111111
0 – 127
N.H.H.H
255.0.0.0
B
10xxxxxx
10111111
128 – 191
N.N.H.H
255.255.0.0
C
110xxxxx
11011111
192 – 223
N.N.N..H
255.255.255.0
D
1110xxxx
11101111
224 – 239
Not Applicable
Not Applicable
E
1111xxxx
11111111
240 - 255
Not Applicable
Not Applicable
Rough
x
x
x
x
128
64
32
16
x
x
8
x
4
2
x
1
----------------------------------------------------------------------------------------------------------------------------------------------------------------------Class A addresses are one byte long, with the first bit of that byte reserved and the seven remaining bits available for manipulation. As a
result, the maximum number of Class A networks that can be created is 128 because each of the seven bit positions can either be a
0 or a 1, thus 27 or 128.
00000000 and 127.0.0.1 is reserved so actual no of class A addresses are 128-2 =126 network Nodes. We have 24 bits available for
node address. There are 224 or 16777216, since 0 and 1 are reserved. The actual no of usable nodes is 16777216 – 2 = 16777214
10.0.0.0 - All host bits off is the network address.
10.255.255.255 - All host bits on is the broadcast address.
The valid hosts are the number in between the network address & the broadcast address: 10.0.0.1 to 10.255.255.254
Class B With a network address being two bytes (eight bits each), there would be 216 unique combinations. But the Internet designers
decided that all Class B network addresses should start with the binary digit 1, then 0. This leaves 14 bit positions to manipulate,
therefore 16,384 (214) unique Class B network addresses.
Class B address uses two bytes for node addresses. This is 216 minus the two reserved patterns (all 0s and all 1s), for a total of
65,534 possible node addresses for each Class B network.
172.16.0.0 - All host bits turned off is the network address.
172.16.255.255 - All host bits turned on is the broadcast address.
The valid hosts would be the numbers in between the network address & the broadcast address: 172.16.0.1 to 172.16.255.254.
Class C network address, the first three bit positions are always the binary 110. The calculation is such: 3 bytes, or 24 bits, minus 3
reserved positions, leaves 21 positions. Hence, there are 221, or 2,097,152
Class C network has one byte to use for node addresses. This leads to 28 or 256, minus the two reserved patterns of all 0s and all 1s,
for a total of 254 node addresses for each Class C network
192.168.100.0 - All host bits turned off is the network ID.
192.168.100.255 - All host bits turned on is the broadcast address.
The valid hosts would be the numbers in between the network address & the broadcast address: 192.168.100.1 to 192.168.100.254
IP Subnetting
Class D addresses are used to support IP multicasting , Class E addresses are reserved for experimental purpose
We learned how to define and find the valid host ranges used in a Class A, Class B, and Class C network address by turning the host bits
all off and then all on. However, you were defining only one network. What happens if you wanted to take one network address
and create six networks from it? You would have to perform what is called subnetting, which allows you to take one larger network
and break it into many smaller networks.
Benefits: Reduced network traffic, Optimised network performance, Simplified Management,
To create subnetworks, you take bits from the host portion of the IP address and reserve them to define the subnet address. This means
fewer bits for hosts, so the more subnets, the fewer bits available for defining hosts.
Subnet Design Consideration
How many total subnets does the organization needs today
How many total subnets will the organization need in the future
How many hosts are on the organization’s largest subnet today
How many hosts will be on the organization largest subnet need in the future
In a Class C address, only 8 bits is available for defining the hosts. Remember that subnet bits start at the left and go to the right, without
skipping bits. This means that subnet masks can be
10000000=128,
11000000=192,
11100000=224,
11110000=240,
11111000=248,
11111100=252,
11111110=254,
You cannot have only one bit for subnetting, since that would mean that the bit would always be either off or on, which would be illegal.
So, the first subnet mask you can legally use is 192, and the last one is 252, since you need at least two bits for defining hosts
IP Subnetting
1.
How many subnets? 2x–2=amount of subnets. X is the amount of masked bits, or the 1s. For example, 11000000 is 22–2. In this
example, there are 2 subnets.
2.
How many hosts per subnet? 2x–2=amount of hosts per subnet. X is the amount of unmasked bits, or the 0s. For example,
11000000 is 26–2. In this example, there are 62 hosts per subnet.
3.
What are the valid subnets? 256–subnet mask=base number. For example, 256–192=64. which is the first subnet and our base
number or variable. Keep adding the variable to itself until you reach the subnet mask. 64+64=128. 128+64=192, which is invalid
because it is the subnet mask (all subnet bits turned on). Our two valid subnets are, then, 64 and 128.
4.
What are the valid hosts? Valid hosts are the numbers between the subnets, minus all 0s and all 1s.
5.
What is the broadcast address for each subnet? Broadcast address is all host bits turned on, which is the number immediately
preceding the next subnet.
Practice Example 1: 255.255.255.224
In this example, you will subnet the network address 192.168.10.0 and subnet mask 255.255.255.224.
192.168.10.0=Network address
/
255.255.255.224=Subnet mask
1.
How many subnets? 224 is 11100000, so our equation would be 23–2=6.
2.
How many hosts? 25–2=30.
3.
What are the valid subnets? 256–224=32. 32+32=64. 64+32=96. 96+32=128. 128+32=160. 160+32=192. 192+64=224, which is
invalid because it is our subnet mask (all subnet bits on). Our subnets are 32, 64, 96, 128, 160, and 192.
4.
What are the valid hosts?
5.
What is the broadcast address for each subnet?
Subnet1
Subnet 2
Subnet 3
Subnet 4
Subnet 5
Subnet 6
Meaning
32
64
96
128
160
192
Subnet Address
33
65
97
129
161
193
1st Valid Host
62
94
126
158
190
222
Last Valid host
63
95
127
159
191
223
Broadcast Address
IP Subnetting
Class B - possible Class B subnet masks
255.255.128.0
255.255.192.0
255.255.224.0
255.255.240.0
255.255.248.0
255.255.252.0
255.255.254.0
255.255.255.0
255.255.255.128
255.255.255.192
255.255.255.224
255.255.255.240
255.255.255.248
255.255.255.252
The Class B network address has 16 bits available for hosts addressing. This means we can use up to 14 bits for
subnetting since we must leave at least two bits for host addressing.
Use Subnet Calculator : http://www.subnet-calculator.com/subnet.php?net_class=A
IP Subnetting
Practice Example 1: 255.255.192.0
172.16.0.0=Network address
255.255.192.0=Subnet mask
64.0
128.0
Subnet
64.1
128.1
First Host
127.254
191.254
Last Host
127.255
191.255
Broadcast
1.
22–2=2.
2.
214–2=16,382.
3.
256–192=64. 64+64=128.
4.
First find the broadcast addresses in step 5, then come back and perform step 4 by filling in the host addresses.
5.
Find the broadcast address of each subnet, which is always the number right before the next subnet.
Practice Example 2: 255.255.255.192
1.
210–2=1022 subnets.
2.
26–2=62 hosts.
3.
256–192=64 and 128. However, as long as all the subnet bits on the third are not all off, then subnet 0 in the fourth
octet is valid. Also, as long as all the subnet bits in the third octet are not all on, 192 is valid in the fourth octet as a
subnet.
4.
First find the broadcast addresses in step 5, then come back and perform step 4 by filling in the host addresses.
5.
Find the broadcast address of each subnet, which is always the number right before the next subnet.
0.64
0.128
0.192
1
1.64
1.128
1.192
Subnet
0.65
0.129
0.193
1.1
1.65
1.129
1.193
First Host
0.126
0.190
0.254
1.62
1.126
1.19
1.254
Last Host
0.127
0.191
0.255
1.63
1.127
1.191
1.255
Broadcast
Networking terms
IP to Name Resolution:
Network Basic Input/Output System (NetBIOS) is used as their primary name to IP resolution method for Windows NT 3.51, and NT
4.0. system
Windows Internet Naming Service (WINS): Maps IP addresses to workstation names.
A Windows name resolution service for network basic input/output system (NetBIOS) names. WINS is used by hosts running NetBIOS
over TCP/IP (NetBT) to register NetBIOS names and to resolve NetBIOS names to Internet Protocol (IP) addresses. WINS is a database
that is intended to receive client name registrations with their identifying IP addresses, cache those credentials, and reply with those
cached names and IPs when queried against. WINS works in the same manner as do DNS servers when they resolve hosts names to IP
addresses, except that WINS substitutes NetBIOS names.
Domain Name System (DNS). Maps IP addresses into user friendly Internet domain names. DNS servers are distribute throughout the
Internet that share their information so that users can access virtually any domain name.
DNS is a hierarchical division of the network into groups and subgroups, with names reflecting this structure. It was designed to store data
in a distributed fashion to facilitate decentralized control and efficient operation, and included flexible and extensible mechanisms for
name registration and resolution.
Dynamic Host Configuration Protocol (DHCP) : Dynamically leases IP address to different users and computers on a network as
needed. DHCP comes with the NT OS.
It is used for easy TCP/IP configuration of hosts within the network. The DHCP server selects appropriate configuration parameters (IP
address with appropriate subnet mask and other optional parameters, such as IP address of the default gateway, addresses of DNS servers,
domain name, etc.) for the client stations.
DHCP server assigns clients IP addresses, Lease, reservation, Exclusions,
DNS
DHCP
DHCP allows you to automatically assign IP addresses, subnet masks, and other configuration information to client
computers on the local network. When a DHCP server is available, computers that are configured to obtain an IP address
automatically request and receive their IP configuration from that DHCP server upon booting.
Networking Devices
HUB: A hub is a device that runs at the physical layer of the OSI model and allows Ethernet networks to be easily expanded.
A group of connected hubs is called a collision domain
Bridges and switches are both intelligent devices that divide a network into collision domains.
Bridges operate at the data link layer of the OSI model and forward frames based on the source and destination addresses in
the frame. Bridges learn about the presence of end stations by listening to all traffic. By listening to all the traffic on a
network, a bridge is able to build a database of the end stations that are attached to it. The bridge creates a mapping of each
station’s MAC address and the port of the bridge to which it connects. When the bridge receives a frame, it checks the frame’s
destination address against its database. If the destination address is on the same port that the frame came from, the bridge
does not forward the frame. If the destination address is on another port, it forwards the frame only to the port to which it is
destined. If the destination address is not present in the bridge’s database, it floods the frame out all ports except the source
port.
Switches are generally much faster than bridges because switching is generally done in hardware, and bridges are normally
software based. Switches also offer higher port densities than bridges. Furthermore, although bridges always use store-andforward technology, some switches support cut-through switching, which allows them to reduce latency in the network. Cutthrough switching allows a switch to start forwarding a frame as soon as the destination address is received
Virtual LAN (VLAN) is a group of network stations that behave as though they were connected to a single network segment,
even though they might not be. VLANs provide a logical, rather than a physical, grouping of devices attached to a switch or a
group of switches
Router is a device that routes packets between different networks based on the network address located in the packet header
(IP, IPX, AppleTalk, and so on). Routers operate at Layer 3 (the network layer) of the OSI model and are therefore protocol
dependent. Routers have the ability to connect two or more similar or dissimilar networks.
Gateways operate up to the application layer of the OSI model and convert from one protocol to another.
Networking Diagrams
Common Networking Commands
PING
(Packet internet Gopher) – A TCP/IP utility that is used to test the 'reachability' of destinations by sending them an
ICMP echo and waiting for a reply.
Nslookup:
the
Displays information that you can use to diagnose Domain Name System (DNS) infrastructure. This will tell you
current address or the name an IP Address or site is registered to
Tracert:
The tracert command is used to visually see a network packet being sent and received and the amount of hops
required for that packet to get to its destination.
Netstat:
table, IPv4
Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing
statistics
Ipconfig:
This command is used to display the network settings currently assigned and given by a network
Identify the need for Networking Tools
Are all servers giving a good ping response
Reporting should be easy
Alerting if there is a problem.
Proactive management tools
Real Time Alerting.
Network Security
Port Scanning to check Vulnerablity
Web Monitoring
Bandwidth Utilization / Network Health
Protocol Utilization
Centralized Monitoring
Hard Disc free space, Processor utilization Is
okay
Common problems
Duplicate Network layer Addresses: Because network layer addresses are assigned through software and are not burned in
hardware, two stations might accidentally be assigned the same network layer address.
Local Routing: This happens when two networked stations on the same segment are communicating with each other through
a router instead of talking to each other directly. This is usually caused by a misconfiguration of the network settings on one
or both hosts
Ping of Death is the name given to a Denial of service exploit that was widely used in conjunction with the ping utility. The
exploit required the transmission of an illegal packet size; that is, a packet greater than 65536 bytes. This often led to a buffer
overflow on the receiving system - with sometimes disastrous and often unpredictable results: system crashes, reboots, kernel
dumps and so on.
Denial of Service Attack: An attack that is specifically designed to prevent the normal functioning of a system, and thereby
to prevent lawful access to that system and its data by its authorized users. DoS can be caused by the destruction or
modification of data, by bringing down the system, or by overloading the system's servers (flooding) to the extent that service
to authorized users is delayed or prevented.
Routing : Routing is a process preformed by a router which moves packets of data around the Internet. A router makes sure
that a message is sent and recieved and is part of what makes TCP/IP such a useful protocol suite. To be able to successfully
start routing a router uses headers and a forwarding table to find the destinations for packets. A router uses the ICMP protocol
section of the TCP/IP protocol suite.