training on networking concepts topics communication terms osi reference model and layered...
TRANSCRIPT
Training On Networking Concepts
Topics
Communication Terms
OSI Reference Model and Layered Communication
Ethernet networking
TCP/IP
IP Subnetting
Networking Terms
Networking Devices
Common Networking commands
Troubleshooting Tools and Techniques
Common Problems
Presentation by Anand Mewalal
Communication Terms
Protocol : For a network to work, the computers running on it need to agree on a set of rules. Such a set of rules is known as a protocol. It is similair to a language. One person speaking in Japanese to another who cannot understand it.
Open Systems interconnection : (OSI) : When networks first came into being, computers could typically communicate only with computers from the same manufacturer. Every Vendor has their Own protocol. For example, companies ran either a complete DECnet solution or an IBM solution—not both together. In the late 1970s, the OSI (Open Systems Interconnection) model was created by the International Organization for Standardization (ISO) to break this barrier. The OSI model is the primary architectural model for networks. It describes how data and network information are communicated from applications on one computer, through the network media, to an application on another computer. The OSI reference model breaks this approach into layers
Connection oriented Protocols : -establish a channel between the source and destination machines before any data is transmitted. The protocol ensures that packets arrive at the receiving station in the same sequence in which they were transmitted. If a packet is lost in transit, it is retransmitted by the source. The destination host acknowledges data sent from the source to the destination
Connectionless oriented protocols : -provide no assurance that data sent from the source will reach the destination. They provide “best-effort” delivery. There is no guarantee that a packet will reach its destination or that it will be in order. However they require less overhead and are generally faster than connection-oriented protocols.
Encapsulation: A layer in the OSI model provides services to the layer above it and, in turn, relies on the services provided by the layer below it. Encapsulation is the process by which information from an upper layer of the model is inserted into the data field of a lower layer. As a message leaves a networked station, it travels from Layer 7 to Layer 1. Data created by the application layer is passed down to the presentation layer. The presentation layer takes the data from the application layer and adds its own header and trailer to it. This data is then passed down to the session layer, which adds its own header and trailer and passes it down to the transport layer. The process repeats itself until the data reaches the physical layer. The physical layer does not care about the meaning of the data. It simply converts the data into bits and places it on the transmission media.
Decapsulation: When the data arrives at its destination, the receiving station’s physical layer picks it up and performs the reverse process (also known as decapsulation). The physical layer converts the bits back into frames to pass on to the data link layer. The data link layer removes its header and trailer and passes the data on to the network layer. Once again, this process repeats itself until the data reaches all the way to the application layer.
Ethernet Networking
Ethernet networking uses what is called Carrier Sense Multiple Access with Collision Detect (CSMA/CD), which helps devices share the bandwidth evenly without having two devices transmit at the same time on the network medium to avoid collision of packets
When a host wants to transmit over the network, it first checks for the presence of a digital signal on the wire. If all is clear (no other host is transmitting), the host will then proceed with its transmission. And it doesn’t stop there. The transmitting host constantly monitors the wire to make sure no other hosts begin transmitting. If the host detects another signal on the wire, it sends out an extended jam signal that causes all nodes on the segment to stop sending data. The nodes respond to that jam signal by waiting a while before attempting to transmit again. Backoff algorithms determine when the colliding stations retransmit. If after 15 tries collisions keep occurring, the nodes attempting to transmit will then time-out.
Ethernet frames: The Data Link layer is responsible for combining bits into bytes and bytes into frames. Frames are used at the Data Link layer to encapsulate packets handed down from the Network layer for transmission on a type of media access.
Ethernet Frame
Preamble
8 Bytes
DA
6 Bytes
SA
6 Bytes
Type / Length
2 Bytes
Data
46 – 1500 bytes
FCS
4 Bytes
Preamble An alternating 1,0 pattern provides a 5MHz clock at the start of each packet, which allows the receiving devices to lock the incoming bit stream. The preamble uses either an SFD (Start Field Delimiter) or synch field to indicate to the receiving station that the data portion of the message will follow.
Frame Check Sequence (FCS) : FCS is a field at the end of the frame that is used to store the cyclic redundancy check (CRC).
OSI Layers
Application Layer:
•Provide interface to End user
•Provides standardized services to Applications
Presentation Layer
•Specifies Architecture – Independant Data Transfer format
•Encodes and Decodes Data, compress data
Session Layer:
• Manages user Sessions
•Reports Upper layer Errors
Transport Layer
•Manages network layer connections
•Provides Reliable packet delivery mechanism
Network Layer
•Addresses and routes packets
Data Link Layer
•Frames Packets
•Controls Physical layer data flow
Physical Layer
•Interface between network medium and network devices
•Defines electrical and mechanical characteristics
Physical Layer
Physical Layer
• Interface between network medium and network devices
• Defines electrical and mechanical characteristics
Physical layer This layer defines connectors, wiring, and the specifications on how voltage and bits pass over the wired (or wireless) media. Devices at this layer include repeaters, concentrators, and hubs. Devices that operate at the physical layer do not have
an understanding of paths.
Ethernet V.2 - Ethernet 50 Ohm Coax , Thin Wire 50 Ohm Coax, Broadband 75 Ohm Coax,
IEEE 802.3 (Ethernet) - 10 Base 5 Star LAN, 10 Base T (Twister Pair), 10 Base 5, 10 Base 2, 10 Base F (Fiber), 100 Base T / X, 1000 Base X (802.3), 1000 Bast T (802.3ae),
IEEE 802.11 - IEEE 802.11a (52 Mbps), IEEE 11b WLAN (upto 11 Mbps), IEEE 11g (WLAN 54 Mbps)
IEEE 802.5 (Token Ring) – Fibre optic, Shielded Twisted pair (4/16 Mbps), Unshielded twister pair (UTP 4/16)
FDDI – Fibre optic
IEEE 802.6 (MAN) – SNI (Subscriber Network interface, DSO (64 bps), DS1 – T1 (1.544 Mbps), E1 (2.048 Mbps), DS3 T3 (44.736 Mbps), E3 – 34.368 Mbps)
- Communicates to ATM, HDLC, PPP, SMDS, Frame Relay
ISDN Q921 – ISDN BRI (2b@64 kbps) / 1D@16kbps), ISDN Pri ( 30b @63kbps, 1D @64kbps, 1 OAM @64kbps)
PPP & Frame Relay Serial Interface – EIA RS232D or V.24, V.35, X.21 (V.10, V.10), RS-449, RS-530, HSSI
Data link Layer
Data Link Layer
•Frames Packets
•Controls Physical layer data flow
Data link layer This layer is concerned with the linkages and mechanisms used to move data about the network, including the topology, such as Ethernet or Token Ring, and deals with the ways in which data is reliably transmitted. This layer is responsible for delivering frames between network interface cards (NICs) on the same physical segment. Communication at the data link layer is generally based on hardware addresses. The data link layer wraps data from the network layer inside a frame. Examples of data link layer protocols include Ethernet, Token Ring, and Point-to-Point Protocol (PPP). Devices that operate at this layer include bridges and switches.
IEEE 802.2 - SNAP (Sub Network Access Protocol) – Type 1 (Connectionless service ) – IEEE 802.3 CSMA/CD Media Access Ctrl, IEEE 802.11 WLAN Direct Sequence)
Type 2 (Connection Service) – IEEE 802.5 (Token Passing Ring)
Type 3 (ACK w/ Connectionless Service) – IEEE802.6 (MAN)
Ethernet V.2 - Ethernet Data Link Control
ATM Layer ( Asynchronous Transfer Mode) – ATM Adaption layer (AAL1, AAL2, AAL3/4 & AAL 5)
Frame Relay – Link Access procedure for frame mode bearer service LAPF
Internetwork- Virtual LAN – IEEE Protocol - 802.1Q VLAN Tagging, GVRP, GMRP
HDLC – Serial Interfaces
PPP – Serial interaces
SMDS (Switched Multi Megabit Data Service)-SMDS interface protocol
Frame Relay – Link Access procedure for frame mode bearer service LAPF
Upper layer protocol Communication: ARP / RARP, IP, IPX (Novell), NetBEUI (IBM)
Cisco Protocols: CDP (Cisco Discover protocol), CGMP (Cisco group Management Protocol) – This is on DLL itself
Network Layer
Network Layer
•Addresses and routes packets
Network layer This layer is responsible for addressing and delivering packets from the source node to the destination node. This is the layer on which routing takes place. It defines the processes used to route data across the network and the structure and use of logical addressing. The network layer takes data from the transport layer and wraps it inside a packet or datagram. Logical network addresses are generally assigned to nodes at this layer. Examples of network layer protocols include IP and IPX.
IP (Internet Protocol) – ICMP (Internet Control messaging Protocol), SLIP (Serial Line IP), CSLIP (Compressed SLIP),
IP Based Routing Protocols – EGP (Exterior based protocol), NHRP (Next hop routing protocol), GGP (gateway to Gateway Protocol), OSPF (Open shortest path first), RSVP (Resource reservation protocol), VRRP (Virtual router redundancy protocol)
Cisco protocols – IGRP (Interior gateway routing protocol, EIGRP (enhanced IGRP)
VPN Tunnelling – IPSEC (Internet IP Security), IP in IP (IP Encapsulation in IP), SCTP (Stream Control Transmission Protocol), GRE (Generic Routing Protocol – This communicates to upper layer protocol PPTP
Upper layer Communication: TCP , UDP
IPX ( Internet Packet Exchange) – RIP (Routing information Protocol, NLSP (Netware Link State protocol)
Upper layer Communication: SPX, SAP Service Access Point, NCP, Burst Mode
IGMP – Internet Group Management protocol
Frame relay – Q933, SVC, LMI CLLM
Transport layer
Transport Layer
•Manages network layer connections
•Provides Reliable packet delivery mechanism
Transport layer This layer provides reliable transmission of data segments, as well as the disassembly and assembly of the data before and after transmission. Port or socket numbers are used to identify these unique processes. Examples of transport layer protocols include Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Sequence Packet Exchange (SPX).
TCP (Transmission Control Protocol) – It Communicates with Netbios, DSI, SMB, MSRPC, SSL, TLS, LDAP, TCP/IP Services (HTTP, Https, FTP, Gopher, POP3, Telnet, NNTP), Xwindow, HP network Services, LDP, LPP, Runix, RPC, DNS, Cisco Routing Protocol TCP Based
UDP (User Datagram Protocol) - It communicates with Muticast Routing protocols, Routing protocols UDP Based, UDP/IP Datagram Protocol Services, DNS, RUNIX (Remote Unix), LDP, SNMP, RPC, Cisco HSRP – Hot Standby Router
VPN Tunnelling : PPTP (Point to Point Tunnelling Protocol, L2TP (Layer 2 Tunelling Protocol), L2FP (Layet2 Forwarding protocol). It Communicates to PPP, SLIP, and Radius Remote Authentication / Kerberos
Session layer
Session Layer:
• Manages user Sessions
•Reports Upper layer Errors
Session layer The session layer establishes, maintains, and manages the communication session betweenend systems. The session layer protocol is often unused in many protocols. Examples of session layer protocols are LDAP ( Lightweight Directory Access protocol), SSL, Secure Socket layer, TLS (Transport layer Protocol), RPC (Remote procedure call), RTP
Presentation Layer
Presentation Layer
•Specifies Architecture – Independant Data Transfer format
•Encodes and Decodes Data, compress data
Presentation layer This layer is responsible for data presentation, encryption, and compression. I.e. data representation and code formatting.
TCP Services – Http (Hyper text transfer protocol), Https (Http secure), FTP (File Transfer protocol), Gopher, POP3 (Post office protocol), Telnet (Virtual terminal), NNTP (Network News Transfer protocol),
Other protocols: LPP (lightweight Presentation protocol, DNS (Domain name Service) SNMP (Simple Network management Protocol, NetBIOS, Citrix ICA, NCP (Netware Core protocol) Netware 5.0
Application Layer
Application Layer:
•Provide interface to End user
•Provides standardized services to Applications
Application layer This topmost layer of the OSI model is responsible for managing communications between network applications. This layer is not the application itself, although some applications may perform application layer functions. In other words, programs such as Microsoft Word or Corel are not at this layer, but browsers, FTP clients, and mail clients are.
Muticast Routing Protocols IP Based - Multicast OSPF, DVMRP (Distance vector Multicast Routing Protocol, PGM (Pragmatic General Multicast Protocol), PIM (Protocol Independent Muticast), IGMP (Internet Group Management protocol)
Routing protocols TCP Based – MSDP (Multicast source discovery Protocol), BGP (Border gateway Protocol), MBGP (Multi Protocol BGP, DCAP (Data link Switching Client Access protocol)
Routing Protocol UDP Based – DHCP (Dynamic host Configuration protocol), Bootp (Bootstrap protocol), NTP ( Network time protocol), TFTP (Trival File transfer protocol), ICP (Internet Cache protocol), RUDP (Reliable Udp), GDP (gateway Discovery Protocol), RIP,
Other Protocols; SMTP (Simple Mail transfer Protocol), IMAP Internet Message Access protocol), Xwindow System (X10/X11), HP Network Service, RUNIX remote Service, Sun Network Service, ND (Network Disk),
Cisco Protocols – CISCO HSRP (Hot Standby router – UDP Based), Cisco STUN, RSRB, XOT (TCP based)
Microsoft Application Services – WINS, Browser, Netlogon, Spoolss, Exchange,
Citix Application Service – ICA Browser
Novell Application Service – DHCP, NDS (Network Directory Services)
There are many protocols related to VOIP, ORACLE, IBM, Storage…. Which could not be covered in this topic
Rough
The IEEE (Institute of Electrical and Electronics Engineers) 802 Specifications zoom in on the lower layers of the OSI Reference Model. The 802 Project was started in February 1980, hence the name. The 802 specs have 12 categories covering network topologies, interface cards, and connections:
•802.1 Internetworking.
•802.2 LLC (Logical Link Control).
•802.3 Ethernet LANs (Local Area Network), i.e. CSMA/CD (Carrier-Sense Multiple Access with Collision Detection) or 10BASE-T. See also my definition of Ethernet.
•802.3z 1000BASE-T or gigabit Ethernet.
•802.4 Token Bus LAN.
•802.5 Token Ring LAN. See also my definition of Token Ring.
•802.6 MAN (Metropolitan Area Network).
•802.7 Broadband Technical Advisory Group.
•802.8 Fiber Optic Technical Advisory Group.
•802.9 Integrated Voice and Data Networks.
•802.10 Network Security.
•802.11 Wireless Networks.
•802.12 Demand Priority Access LAN, 100.
OSPF (Open Shortest Path First): Used by TCP/IP routers to determine the best path through a network.
RIP (Routing Information Protocol): Helps TCP/IP routers to use the most efficient routes to nodes on the network
ICMP (Internet Control Message Protocol): A Network layer protocol that carries control messages, such as error or confirmation messages.
Protocol Data Unit
Application - Data
Presentation - Data
Session - Data
Transport - Segment
Network - Packet
Data Link - Frame
Physical - Bits
TCP / IP Model
Application
Presentation
Session
TCP / UDPHOST To HOST
Transport
Process / Application
Telnet / FTP / LPD / SNMP
TFTP / NFS / SMTP / X Window
ICMP / BOOTP/ ARP / RARP
IP
Network Access
Internet
Data Link
Physical
Network
Ethernet / Fast Ethernet
Token Ring / FDDI
OSI Model DOD Model
DATA
SEGMENT
Packet
BITS
Example Protocol Data Unit
TCP / IP
TCP (Transmission control protocol) : developed by the Defense Advanced Research Projects Agency (DARPA), is the most widely used routed protocol today.
The upper layers just send a data stream to the protocols in the Transport layers, TCP segments a data stream and prepares it for the Network layer
The Network layer then routes the segments as packets through an Internetwork
TCP and UDP uses port no to communicate with upper layer.
Eg: TCP user port 21 for FTP, port 23 for telnet, port 53 for DNS
TCP Segment Format UDP Segment Format
TCP / IP
IP (Internet protocol) - This is where the routing takes place. IP receives segments from the Host-to-Host layer and fragments them into (packets). Each router (layer-3 device) that receives a packet makes routing decisions based upon the packet’s destination IP address.
IP uses port 6 for TCP and port 17 for UDP
IP packet Format
IP Addressing (Subnetting)
The current IP addressing scheme (IPv4) defines an IP address as a 32-bit binary number
11000111 00011010 10101100 01010011
To make it more convenient for us, the IP address is divided into four 8-bit octets (bytes):
11000111.00011010.10101100.01010011
These octets are then converted from binary to decimal numbers (four decimal digits separated by periods):
199.26.172.83
When this number is entered into a computer, the machine automatically converts it to a 32-bit binary number, with no regard for the individual octets or the decimals.
An IP address has two portions, a network ID and a host ID.
The network ID is shared amongst all the stations on a segment and must be unique across the entire network.
The host ID identifies a specific device (host) within a segment and must be unique on a particular segment.
Classes
When the original IP routing scheme was developed, IP addresses were divided into five classes. IP addresses most commonly come as Class A, B, or C. Class D addresses are used for multicasting, and Class E addresses are reserved for experimental and future use. Please note that in the table, N = Network and H = Host.
Class Leftmost Octet Start Bit
Leftmost octet
Last Bit
Range (First octet) Network / Host Portion Default Subnet mask
A 0xxxxxxx 01111111 0 – 127 N.H.H.H 255.0.0.0
B 10xxxxxx 10111111 128 – 191 N.N.H.H 255.255.0.0
C 110xxxxx 11011111 192 – 223 N.N.N..H 255.255.255.0
D 1110xxxx 11101111 224 – 239 Not Applicable Not Applicable
E 1111xxxx 11111111 240 - 255 Not Applicable Not Applicable
Rough x x x x x x x x
128 64 32 16 8 4 2 1
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Class A addresses are one byte long, with the first bit of that byte reserved and the seven remaining bits available for manipulation. As a result, the maximum number of Class A networks that can be created is 128 because each of the seven bit positions can either be a 0 or a 1, thus 27 or 128.
00000000 and 127.0.0.1 is reserved so actual no of class A addresses are 128-2 =126 network Nodes. We have 24 bits available for node address. There are 224 or 16777216, since 0 and 1 are reserved. The actual no of usable nodes is 16777216 – 2 = 16777214
10.0.0.0 - All host bits off is the network address.
10.255.255.255 - All host bits on is the broadcast address.
The valid hosts are the number in between the network address & the broadcast address: 10.0.0.1 to 10.255.255.254
Class B With a network address being two bytes (eight bits each), there would be 216 unique combinations. But the Internet designers decided that all Class B network addresses should start with the binary digit 1, then 0. This leaves 14 bit positions to manipulate, therefore 16,384 (214) unique Class B network addresses.
Class B address uses two bytes for node addresses. This is 216 minus the two reserved patterns (all 0s and all 1s), for a total of 65,534 possible node addresses for each Class B network.
172.16.0.0 - All host bits turned off is the network address.
172.16.255.255 - All host bits turned on is the broadcast address.
The valid hosts would be the numbers in between the network address & the broadcast address: 172.16.0.1 to 172.16.255.254.
Class C network address, the first three bit positions are always the binary 110. The calculation is such: 3 bytes, or 24 bits, minus 3 reserved positions, leaves 21 positions. Hence, there are 221, or 2,097,152
Class C network has one byte to use for node addresses. This leads to 28 or 256, minus the two reserved patterns of all 0s and all 1s, for a total of 254 node addresses for each Class C network
192.168.100.0 - All host bits turned off is the network ID.
192.168.100.255 - All host bits turned on is the broadcast address.
The valid hosts would be the numbers in between the network address & the broadcast address: 192.168.100.1 to 192.168.100.254
IP Subnetting
Class D addresses are used to support IP multicasting , Class E addresses are reserved for experimental purpose
We learned how to define and find the valid host ranges used in a Class A, Class B, and Class C network address by turning the host bits all off and then all on. However, you were defining only one network. What happens if you wanted to take one network address and create six networks from it? You would have to perform what is called subnetting, which allows you to take one larger network and break it into many smaller networks.
Benefits: Reduced network traffic, Optimised network performance, Simplified Management,
To create subnetworks, you take bits from the host portion of the IP address and reserve them to define the subnet address. This means fewer bits for hosts, so the more subnets, the fewer bits available for defining hosts.
Subnet Design Consideration
How many total subnets does the organization needs today
How many total subnets will the organization need in the future
How many hosts are on the organization’s largest subnet today
How many hosts will be on the organization largest subnet need in the future
In a Class C address, only 8 bits is available for defining the hosts. Remember that subnet bits start at the left and go to the right, without skipping bits. This means that subnet masks can be
10000000=128,
11000000=192,
11100000=224,
11110000=240,
11111000=248,
11111100=252,
11111110=254,
You cannot have only one bit for subnetting, since that would mean that the bit would always be either off or on, which would be illegal.
So, the first subnet mask you can legally use is 192, and the last one is 252, since you need at least two bits for defining hosts
IP Subnetting
1. How many subnets? 2x–2=amount of subnets. X is the amount of masked bits, or the 1s. For example, 11000000 is 22–2. In this example, there are 2 subnets.
2. How many hosts per subnet? 2x–2=amount of hosts per subnet. X is the amount of unmasked bits, or the 0s. For example, 11000000 is 26–2. In this example, there are 62 hosts per subnet.
3. What are the valid subnets? 256–subnet mask=base number. For example, 256–192=64. which is the first subnet and our base number or variable. Keep adding the variable to itself until you reach the subnet mask. 64+64=128. 128+64=192, which is invalid because it is the subnet mask (all subnet bits turned on). Our two valid subnets are, then, 64 and 128.
4. What are the valid hosts? Valid hosts are the numbers between the subnets, minus all 0s and all 1s.
5. What is the broadcast address for each subnet? Broadcast address is all host bits turned on, which is the number immediately preceding the next subnet.
Practice Example 1: 255.255.255.224
In this example, you will subnet the network address 192.168.10.0 and subnet mask 255.255.255.224.
192.168.10.0=Network address / 255.255.255.224=Subnet mask
1. How many subnets? 224 is 11100000, so our equation would be 23–2=6.
2. How many hosts? 25–2=30.
3. What are the valid subnets? 256–224=32. 32+32=64. 64+32=96. 96+32=128. 128+32=160. 160+32=192. 192+64=224, which is invalid because it is our subnet mask (all subnet bits on). Our subnets are 32, 64, 96, 128, 160, and 192.
4. What are the valid hosts?
5. What is the broadcast address for each subnet?
Subnet1 Subnet 2 Subnet 3 Subnet 4 Subnet 5 Subnet 6 Meaning
32 64 96 128 160 192 Subnet Address
33 65 97 129 161 193 1st Valid Host
62 94 126 158 190 222 Last Valid host
63 95 127 159 191 223 Broadcast Address
IP Subnetting
Class B - possible Class B subnet masks
255.255.128.0
255.255.192.0
255.255.224.0
255.255.240.0
255.255.248.0
255.255.252.0
255.255.254.0
255.255.255.0
255.255.255.128
255.255.255.192
255.255.255.224
255.255.255.240
255.255.255.248
255.255.255.252
The Class B network address has 16 bits available for hosts addressing. This means we can use up to 14 bits for subnetting since we must leave at least two bits for host addressing.
Use Subnet Calculator : http://www.subnet-calculator.com/subnet.php?net_class=A
IP Subnetting
Practice Example 1: 255.255.192.0
172.16.0.0=Network address
255.255.192.0=Subnet mask
1. 22–2=2.
2. 214–2=16,382.
3. 256–192=64. 64+64=128.
4. First find the broadcast addresses in step 5, then come back and perform step 4 by filling in the host addresses.
5. Find the broadcast address of each subnet, which is always the number right before the next subnet.
Practice Example 2: 255.255.255.192
1. 210–2=1022 subnets.
2. 26–2=62 hosts.
3. 256–192=64 and 128. However, as long as all the subnet bits on the third are not all off, then subnet 0 in the fourth octet is valid. Also, as long as all the subnet bits in the third octet are not all on, 192 is valid in the fourth octet as a subnet.
4. First find the broadcast addresses in step 5, then come back and perform step 4 by filling in the host addresses.
5. Find the broadcast address of each subnet, which is always the number right before the next subnet.
64.0 128.0 Subnet
64.1 128.1 First Host
127.254 191.254 Last Host
127.255 191.255 Broadcast
0.64 0.128 0.192 1 1.64 1.128 1.192 Subnet
0.65 0.129 0.193 1.1 1.65 1.129 1.193 First Host
0.126 0.190 0.254 1.62 1.126 1.19 1.254 Last Host
0.127 0.191 0.255 1.63 1.127 1.191 1.255 Broadcast
Networking terms
IP to Name Resolution:
Network Basic Input/Output System (NetBIOS) is used as their primary name to IP resolution method for Windows NT 3.51, and NT 4.0. system
Windows Internet Naming Service (WINS): Maps IP addresses to workstation names.
A Windows name resolution service for network basic input/output system (NetBIOS) names. WINS is used by hosts running NetBIOS over TCP/IP (NetBT) to register NetBIOS names and to resolve NetBIOS names to Internet Protocol (IP) addresses. WINS is a database that is intended to receive client name registrations with their identifying IP addresses, cache those credentials, and reply with those cached names and IPs when queried against. WINS works in the same manner as do DNS servers when they resolve hosts names to IP addresses, except that WINS substitutes NetBIOS names.
Domain Name System (DNS). Maps IP addresses into user friendly Internet domain names. DNS servers are distribute throughout the Internet that share their information so that users can access virtually any domain name.
DNS is a hierarchical division of the network into groups and subgroups, with names reflecting this structure. It was designed to store data in a distributed fashion to facilitate decentralized control and efficient operation, and included flexible and extensible mechanisms for name registration and resolution.
Dynamic Host Configuration Protocol (DHCP) : Dynamically leases IP address to different users and computers on a network as needed. DHCP comes with the NT OS.
It is used for easy TCP/IP configuration of hosts within the network. The DHCP server selects appropriate configuration parameters (IP address with appropriate subnet mask and other optional parameters, such as IP address of the default gateway, addresses of DNS servers, domain name, etc.) for the client stations.
DHCP server assigns clients IP addresses, Lease, reservation, Exclusions,
DNS
DHCP
DHCP allows you to automatically assign IP addresses, subnet masks, and other configuration information to client computers on the local network. When a DHCP server is available, computers that are configured to obtain an IP address automatically request and receive their IP configuration from that DHCP server upon booting.
Networking Devices
HUB: A hub is a device that runs at the physical layer of the OSI model and allows Ethernet networks to be easily expanded. A group of connected hubs is called a collision domain
Bridges and switches are both intelligent devices that divide a network into collision domains.
Bridges operate at the data link layer of the OSI model and forward frames based on the source and destination addresses in the frame. Bridges learn about the presence of end stations by listening to all traffic. By listening to all the traffic on a network, a bridge is able to build a database of the end stations that are attached to it. The bridge creates a mapping of each station’s MAC address and the port of the bridge to which it connects. When the bridge receives a frame, it checks the frame’s destination address against its database. If the destination address is on the same port that the frame came from, the bridge does not forward the frame. If the destination address is on another port, it forwards the frame only to the port to which it is destined. If the destination address is not present in the bridge’s database, it floods the frame out all ports except the source port.
Switches are generally much faster than bridges because switching is generally done in hardware, and bridges are normally software based. Switches also offer higher port densities than bridges. Furthermore, although bridges always use store-and-forward technology, some switches support cut-through switching, which allows them to reduce latency in the network. Cut-through switching allows a switch to start forwarding a frame as soon as the destination address is received
Virtual LAN (VLAN) is a group of network stations that behave as though they were connected to a single network segment, even though they might not be. VLANs provide a logical, rather than a physical, grouping of devices attached to a switch or a group of switches
Router is a device that routes packets between different networks based on the network address located in the packet header (IP, IPX, AppleTalk, and so on). Routers operate at Layer 3 (the network layer) of the OSI model and are therefore protocol dependent. Routers have the ability to connect two or more similar or dissimilar networks.
Gateways operate up to the application layer of the OSI model and convert from one protocol to another.
Networking Diagrams
Common Networking Commands
PING (Packet internet Gopher) – A TCP/IP utility that is used to test the 'reachability' of destinations by sending them anICMP echo and waiting for a reply.
Nslookup: Displays information that you can use to diagnose Domain Name System (DNS) infrastructure. This will tell you the current address or the name an IP Address or site is registered to
Tracert: The tracert command is used to visually see a network packet being sent and received and the amount of hops required for that packet to get to its destination.
Netstat: Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics
Ipconfig: This command is used to display the network settings currently assigned and given by a network
Identify the need for Networking Tools
Are all servers giving a good ping response
Reporting should be easy
Alerting if there is a problem.
Proactive management tools
Real Time Alerting.
Network Security
Port Scanning to check Vulnerablity
Web Monitoring
Bandwidth Utilization / Network Health
Protocol Utilization
Centralized Monitoring
Hard Disc free space, Processor utilization Is okay
Duplicate Network layer Addresses: Because network layer addresses are assigned through software and are not burned in hardware, two stations might accidentally be assigned the same network layer address.
Local Routing: This happens when two networked stations on the same segment are communicating with each other through a router instead of talking to each other directly. This is usually caused by a misconfiguration of the network settings on one or both hosts
Ping of Death is the name given to a Denial of service exploit that was widely used in conjunction with the ping utility. The exploit required the transmission of an illegal packet size; that is, a packet greater than 65536 bytes. This often led to a buffer overflow on the receiving system - with sometimes disastrous and often unpredictable results: system crashes, reboots, kernel dumps and so on.
Denial of Service Attack: An attack that is specifically designed to prevent the normal functioning of a system, and thereby to prevent lawful access to that system and its data by its authorized users. DoS can be caused by the destruction or modification of data, by bringing down the system, or by overloading the system's servers (flooding) to the extent that service to authorized users is delayed or prevented.
Routing : Routing is a process preformed by a router which moves packets of data around the Internet. A router makes sure that a message is sent and recieved and is part of what makes TCP/IP such a useful protocol suite. To be able to successfully start routing a router uses headers and a forwarding table to find the destinations for packets. A router uses the ICMP protocol section of the TCP/IP protocol suite.
Common problems