Module 5-8 Networking PDF
Terminologies List
LAN: Local Area Network
VLAN: Virtual Local Area Network
SFD: Start Frame Delimiter
FCS: Frame Check Sequence
MAC: Media Access Control
BIA: Burned-In Address
OUI: Organizationally Unique Identifier
CRC: Cyclic Redundancy Check or Cyclic Redundancy Codes
ARP: Address Resolution Protocol
CSMA/CD: Carrier Sense Multiple Access with Collision Detection
DSCP: Differentiated Services Code Point
QoS: Quality of Service
ECN: Explicit Congestion Notification
TTL: Time to Live
IHL: Internet Header Length
TCP: Transmission Control Protocol
UDP: User Datagram Protocol
ISL: Inter-Switch Link
IEEE 802.1Q: usually called dot1q
TPID: Tag Protocol Identifier
TCI: Tag Control Information
PCP: Priority Code Point
DEI: Drop Eligible Indicator
VID: VLAN ID

____________________________________________________________________________

> Module 5 - Ethernet LAN Switching

Straight-through connections
- Switch to router
- Switch to PC
- Switch to server
- Hub to PC
- Hub to server

Crossover connections
- Switch to switch
- Switch to hub
- Hub to hub
- Router to router
- Router Ethernet port to PC NIC
- PC to PC

An Ethernet frame has 3 parts: the header, the packet (payload), and the trailer.

Preamble:
- Length: 7 bytes (56 bits)
- Alternating 1's and 0's: 10101010 repeated 7 times
- Allows devices to synchronize their receiver clocks

SFD (Start Frame Delimiter):
- Length: 1 byte (8 bits)
- 10101011

Destination and Source:
- Indicate the devices receiving and sending the frame
- Consist of the destination and source MAC addresses
- MAC: Media Access Control
- 6-byte (48-bit) address of the physical device

Type or Length:
- 2-byte (16-bit) field
- A value of 1500 or less in this field indicates the length of the encapsulated packet (in bytes)
- A value of 1536 or greater in this field indicates the type of the encapsulated packet (usually IPv4 or IPv6), and the length is determined by other methods
- IPv4 = 0x0800 (hexadecimal) (2048 in decimal)
- IPv6 = 0x86DD (hexadecimal) (34525 in decimal)

FCS:
- Frame Check Sequence
- 4 bytes (32 bits) in length
- Detects corrupted data by running a CRC algorithm over the received data
- CRC: Cyclic Redundancy Check, sometimes called Cyclic Redundancy Codes

MAC Address:
- 6-byte (48-bit) physical address assigned to the device when it is made
- Also known as the Burned-In Address (BIA)
- Is globally unique
- The first 3 bytes are the OUI (Organizationally Unique Identifier), which is assigned to the company making the device
- The last 3 bytes are unique to the device itself

Including the preamble and SFD, the Ethernet frame has a total of 26 bytes of header + trailer (8 + 18).

Different formats of a MAC address:
1. Windows: 5C-23-5A-24-2B-3D
2. Cisco devices: 0011.5ccc.5c00
3. Linux and IOS: 5C:23:5A:24:2B:3D

Unicast frame: a frame destined for a single target.
Unknown unicast frame (destination MAC not yet in the MAC address table): the switch floods the frame out all interfaces except the one it was received on.
Known unicast frame (destination MAC in the MAC address table): the switch forwards the frame out the interface listed in the table.
Dynamic MAC addresses: removed from the MAC address table after 5 minutes of inactivity.
Addresses the switch learns from the source MAC of frames received on an interface (e.g. Fa0/1) are dynamically learned MAC addresses, or dynamic MAC addresses.

The preamble and SFD are usually not considered part of the Ethernet header.
The size of the Ethernet header and trailer is 6 + 6 + 2 + 4 = 18 bytes.
The minimum size for an Ethernet frame (header + payload (packet) + trailer) is 64 bytes.
64 bytes - 18 bytes (header + trailer size) = 46 bytes.
The minimum payload (packet) size is 46 bytes.
If the payload (packet) is less than 46 bytes, padding bytes are added.

ARP is used to discover the Layer 2 address (MAC address) of a known Layer 3 address (IP address).
It consists of two messages:
1. ARP Request - sent by the device that wants to know the MAC address of the other device
2. ARP Reply - sent to inform the requesting device of the MAC address
The ARP Request is a broadcast - sent to all hosts on the network.
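The Ethernet frame format and the ARP request/reply exchange described above, as an added example that is not part of the original notes: it builds both frames, pads the 28-byte ARP packet up to the 46-byte minimum payload, appends the FCS, and decodes a received frame the way a switch inspects it (broadcast or unicast, Type vs. Length, FCS check, runt/giant). The ARP EtherType 0x0806 and the ARP packet layout are standard values not listed in the notes; the IP addresses are constructed, and the MAC addresses are the ones shown in the notes.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_ARP = 0x0806       # standard EtherType for ARP (not in the notes' list of types)
MIN_FRAME = 64               # header + payload + trailer, per the notes
HDR_TRAILER = 6 + 6 + 2 + 4  # dst + src + type/length + FCS = 18 bytes


def mac(text):
    """Accept the Windows, Cisco or Linux notation shown in the notes; return 6 raw bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", "").replace(".", ""))


def arp_packet(op, sender_mac, sender_ip, target_mac, target_ip):
    """28-byte ARP packet for IPv4 over Ethernet: op 1 = request, op 2 = reply."""
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                       mac(sender_mac), bytes(map(int, sender_ip.split("."))),
                       mac(target_mac), bytes(map(int, target_ip.split("."))))


def build_frame(dst, src, ethertype, payload):
    """Pad the payload to 46 bytes, then append the FCS (CRC-32, sent least significant byte first)."""
    payload = payload.ljust(MIN_FRAME - HDR_TRAILER, b"\x00")
    body = mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame):
    """Decode the header fields the notes describe and check size and FCS like a switch would."""
    dst, src, type_len = struct.unpack("!6s6sH", frame[:14])
    return {
        "dst": dst.hex(":"),
        "src": src.hex(":"),
        "broadcast": dst == BROADCAST,
        # 1500 or less = length of the payload; 1536 or more = type of the payload
        "field": "length" if type_len <= 1500 else "type" if type_len >= 1536 else "invalid",
        "type_or_length": type_len,
        "fcs_ok": zlib.crc32(frame[:-4]) == struct.unpack("<I", frame[-4:])[0],
        "runt": len(frame) < MIN_FRAME,
        "giant": len(frame) > 1518,
    }


# Constructed sample exchange: PC1 (192.168.1.10) asks for the MAC of PC2 (192.168.1.20).
PC1 = "5C-23-5A-24-2B-3D"   # Windows notation, from the notes
PC2 = "0011.5ccc.5c00"      # Cisco notation, from the notes
REQUEST = build_frame("FF:FF:FF:FF:FF:FF", PC1, ETHERTYPE_ARP,
                      arp_packet(1, PC1, "192.168.1.10", "00:00:00:00:00:00", "192.168.1.20"))
REPLY = build_frame(PC1, PC2, ETHERTYPE_ARP,
                    arp_packet(2, PC2, "192.168.1.20", PC1, "192.168.1.10"))

if __name__ == "__main__":
    for name, frame in (("request", REQUEST), ("reply", REPLY)):
        print(name, len(frame), "bytes", parse_frame(frame))
```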
The ARP Reply is a unicast - sent only to one host (the host that sent the request).

ARP Table
In the command prompt, type arp -a to view the ARP table (Windows, macOS, Linux).
Internet address - IP address (Layer 3 address)
Physical address - MAC address (Layer 2 address)
Type static - default entry
Type dynamic - learned via ARP

Ping
- A network utility that is used to test reachability
- Measures round-trip time
- Uses two messages: ICMP Echo Request and ICMP Echo Reply
- The command to use is ping followed by the IP address

To show the MAC address table: show mac address-table
To clear one dynamic entry from the MAC address table: clear mac address-table dynamic address 0c2f.b011.9d00
To clear the dynamic entries learned on an interface: clear mac address-table dynamic interface Gi0/0

Router interfaces - have the shutdown command applied by default - will be in the administratively down/down state by default.
Switch interfaces - do not have the shutdown command applied by default - will be in the up/up state if connected to another device, or the down/down state if not connected to another device.

Half duplex - the device cannot send and receive data at the same time. If it is receiving a frame, it must wait before sending a frame. Devices attached to a hub must operate in half duplex.
Full duplex - the device can send and receive data at the same time. It does not have to wait. Devices attached to a switch can operate in full duplex.

CSMA/CD - Carrier Sense Multiple Access with Collision Detection:
- Before sending frames, devices listen to the collision domain until they detect that the other devices are not sending.
- If a collision does occur, the device sends a jamming signal to inform the other devices that a collision happened.
- Each device will wait a random period of time before sending frames again.
- The process repeats.

Speed/Duplex Autonegotiation
- Interfaces that can run at different speeds (10/100 or 10/100/1000) have default settings of speed auto and duplex auto.
- Interfaces advertise their capabilities to the neighboring device, and they negotiate the best speed and duplex settings they are both capable of.
E = 10 megabits per second
F = 10/100 megabits per second
G = 10/100/1000 megabits per second

What if autonegotiation is disabled on the device connected to the switch?
Speed - the switch will try to sense the speed that the other device is operating at. If it fails to sense the speed, it will use the slowest supported speed.

Runts - frames that are smaller than the minimum frame size (64 bytes)
Giants - frames that are larger than the maximum frame size (1518 bytes)
CRC - frames that failed the CRC check (in the Ethernet FCS trailer)
Frames - frames that have an incorrect format (due to an error)
Input errors - total of various counters, such as the above four
Output errors - frames the switch tried to send, but failed due to an error

____________________________________________________________________________

> Module 6 - IPv4 Addressing

Network Layer
- Provides connectivity between end hosts on different networks (i.e. outside of the LAN)
- Provides logical addressing (IP addresses)
- Provides path selection between source and destination
- Routers and Layer 3 switches (multilayer switches) operate at the network layer

Routing
Host portion of the address is all 0's - network address. The network address cannot be assigned to a host.
Host portion of the address is all 1's - broadcast address. The broadcast address cannot be assigned to a host.

Loopback Addresses
- Address range 127.0.0.0 - 127.255.255.255
- Used to test the network stack on the local device

CLI Commands
Status - refers to the Layer 1 status, e.g. is the interface shut down, is there a cable attached, etc.
Protocol - refers to the Layer 2 status, e.g. is Ethernet functioning properly between this device and the device it is connected to.
IPv4 Header - Version Field
IPv4 - 4 (0100)
IPv6 - 6 (0110)

IPv4 Header - Internet Header Length (IHL) Field
The final field of the IPv4 header (Options) is variable in length, so this field is necessary to indicate the total length of the header.
Identifies the length of the header in 4-byte increments.
Minimum value is 5 (5 x 4 = 20 bytes)
Maximum value is 15 (15 x 4 = 60 bytes)
Minimum IPv4 header length = 20 bytes
Maximum IPv4 header length = 60 bytes

IPv4 Header - DSCP Field (Differentiated Services Code Point)
- Used for QoS (Quality of Service)
- Used to prioritize delay-sensitive data (streaming voice, video, etc.)

IPv4 Header - ECN Field (Explicit Congestion Notification)
- Provides end-to-end (between two endpoints) notification of network congestion without dropping packets.
- Optional feature that requires both endpoints, as well as the underlying network infrastructure, to support it.

IPv4 Header - Total Length Field
- Indicates the total length of the packet (L3 header + L4 segment)
- Measured in bytes (not 4-byte increments like IHL)
- Minimum value of 20 (= IPv4 header with no encapsulated data)
- Maximum value of 65,535 (maximum 16-bit value)

IPv4 Header - Identification Field
- If a packet is fragmented due to being too large, this field is used to identify which packet the fragment belongs to.
- All fragments of the same packet will have their own IPv4 header with the same value in this field.
- Packets are fragmented if larger than the MTU (Maximum Transmission Unit)
- The MTU is usually 1500 bytes
- Fragments are reassembled by the receiving host

IPv4 Header - Flags Field
- Used to control/identify fragments
- Bit 0 - reserved, always set to zero
- Bit 1 - don't fragment (DF bit), used to indicate a packet that should not be fragmented
- Bit 2 - more fragments (MF bit), set to 1 if there are more fragments of the packet to come, set to 0 for the last fragment
- Unfragmented packets will always have their MF bit set to 0
IPv4 Header - Fragment Offset Field
- Used to indicate the position of the fragment within the original, unfragmented IP packet.
- Allows fragmented packets to be reassembled even if the fragments arrive out of order.

IPv4 Header - Time to Live Field
- A router will drop a packet with a TTL of 0
- Used to prevent infinite loops
- Originally designed to indicate the packet's maximum lifetime in seconds
- In practice, indicates a hop count: each time the packet arrives at a router, the router decreases the TTL by 1
- Recommended default TTL is 64

IPv4 Header - Protocol Field
- Indicates the protocol of the encapsulated L4 PDU
- TCP: protocol #6
- UDP: protocol #17
- ICMP: protocol #1
- OSPF (dynamic routing protocol): protocol #89

IPv4 Header - Header Checksum Field
- A calculated checksum used to check for errors in the IPv4 header.
- When a router receives a packet, it calculates the checksum of the header and compares it to the one in this field of the header.
- If they do not match, the router drops the packet.
- Used to check for errors only in the IPv4 header.
- IP relies on the encapsulated protocol to detect errors in the encapsulated data.
- Both TCP and UDP have their own checksum fields to detect errors in the encapsulated data.

IPv4 Header - Source and Destination IP Address Fields
Source IP address - IPv4 address of the sender of the packet
Destination IP address - IPv4 address of the intended receiver of the packet

IPv4 Header - Options Field
- Rarely used.
- If the IHL field is greater than 5, options are present.
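The IPv4 header fields covered in this module, as an added example that is not part of the original notes: it builds a 20-byte header, decodes every field discussed (IHL, DSCP/ECN, total length, flags, fragment offset, TTL, protocol, checksum, addresses), and performs the per-hop router work the notes describe, verifying the checksum, decrementing the TTL and recomputing the checksum. The checksum algorithm and the 8-byte unit of the fragment offset are standard details not spelled out in the notes; the addresses are constructed samples.

```python
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP", 89: "OSPF"}   # protocol numbers from the notes


def checksum(header):
    """IPv4 header checksum: one's complement of the one's-complement sum of the 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                               # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, proto, payload_len, ttl=64, df=True, ident=0x1234):
    """Build a 20-byte (IHL = 5, no options) IPv4 header with the checksum filled in."""
    ver_ihl = (4 << 4) | 5
    flags_frag = 0x4000 if df else 0                 # bit 0 reserved, bit 1 = DF, bit 2 = MF, then 13-bit offset
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + payload_len, ident, flags_frag,
                      ttl, proto, 0,
                      bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def parse_header(pkt):
    """Decode the fields the notes describe; checksum_ok is the check a router makes before forwarding."""
    ver_ihl, tos, total, ident, ff, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {
        "version": ver_ihl >> 4, "header_len": ihl, "options_present": ihl > 20,
        "dscp": tos >> 2, "ecn": tos & 0b11, "total_length": total, "id": ident,
        "df": bool(ff & 0x4000), "mf": bool(ff & 0x2000), "frag_offset": (ff & 0x1FFF) * 8,
        "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)),
        "checksum_ok": checksum(pkt[:ihl]) == 0,     # a correct header sums to 0xFFFF, whose complement is 0
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
    }


def forward(pkt):
    """Per-hop router work: drop on a bad checksum or an expired TTL, else decrement TTL and re-checksum."""
    ihl = (pkt[0] & 0x0F) * 4
    if checksum(pkt[:ihl]) != 0 or pkt[8] <= 1:      # the TTL would reach 0: drop instead of forwarding
        return None
    hdr = bytearray(pkt[:ihl])
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"                         # zero the field before recomputing, as the sender did
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr) + pkt[ihl:]


if __name__ == "__main__":
    pkt = build_header("192.168.1.10", "203.0.113.5", 6, payload_len=0)   # constructed addresses
    print(parse_header(pkt))
    print(parse_header(forward(pkt))["ttl"])         # 63
```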
____________________________________________________________________________

> Module 7 - Routing

What is routing? Routing is the process that routers use to determine the path that IP packets should take over a network to reach their destination.
Routers store routes to all of their known destinations in a routing table.
When a router receives a packet, it looks in the routing table to find the best route to forward that packet.

Two Main Routing Methods
Dynamic routing - routers use a dynamic routing protocol (e.g. OSPF) to share routing information with each other automatically and build their routing tables.
Static routing - a network engineer/admin manually configures routes on the router.

Route - tells the router: to send a packet to destination X, send the packet to next hop Y.
Next hop - the next router in the path to the destination.
- If the destination is directly connected to the router, send the packet directly to the destination.
- If the destination is the router's own IP address, receive the packet (don't forward it).

Codes - the legend in the output of show ip route lists the different protocols which routers can use to learn routes.
L - Local: a route to the actual IP address configured on the interface (with a /32 netmask).
C - Connected: a route to the network the interface is connected to (with the actual netmask configured on the interface).

When you configure an IP address on an interface and enable it with no shutdown, 2 routes (per interface) will automatically be added to the routing table:
- A connected route
- A local route

- A connected route is a route to the network the interface is connected to.
- R1 G0/0 IP = 192.168.1.1/24
- Network address = 192.168.1.0/24; it provides a route to all hosts in the network.
- R1 knows: if it needs to send a packet to any host in the 192.168.1.0/24 network, it should be sent out G0/0.
- A local route is a route to the exact IP address configured on the interface.
- A /32 netmask is used to specify the exact IP address of the interface. /32 means all 32 bits are fixed and can't change.
- Even though R1 G0/0 is configured as 192.168.1.1/24, the local route is 192.168.1.1/32.
- R1 knows: if it receives a packet destined for this IP address, the message is for its own IP address.

Routing Packets - Default Gateway
- The default gateway configuration is also called the default route.
- It is a route to 0.0.0.0/0 - all netmask bits set to 0, including all addresses from 0.0.0.0 to 255.255.255.255.
- 0.0.0.0/0 is the least specific route possible; it includes every possible destination IP address. It has 4,294,967,296 IP addresses.
- If the router doesn't have any more specific routes that match a packet's destination IP address, the router will forward the packet using the default route.
- A default route is often used to direct traffic to the Internet.
- More specific routes are used for destinations in the internal corporate network.
- Traffic to destinations outside of the internal network is sent to the Internet.

____________________________________________________________________________

> Module 8 - VLAN (Virtual Local Area Network)

What is a LAN?
LAN: a single broadcast domain, including all devices in that broadcast domain.
Broadcast domain: the group of devices which will receive a broadcast frame (destination MAC FFFF.FFFF.FFFF) sent by any one of the members (devices).
Performance - lots of unnecessary broadcast traffic can reduce network performance.
Security - limit access; apply security policies on a router/firewall.

What is a VLAN?
VLANs are configured on switches on a per-interface basis.
They logically separate end hosts at Layer 2.
Switches do not forward traffic directly between hosts in different VLANs.
Access port - a switchport which belongs to a single VLAN, and usually connects to end hosts like PCs.
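The routing behaviour from Module 7 (connected and local routes created per interface, the 0.0.0.0/0 default route, and longest-prefix selection), as an added example that is not part of the original notes: a toy routing table that reproduces the R1 G0/0 = 192.168.1.1/24 case and shows which route wins for a local, a connected and an outside destination. The Router class, its method names and the next-hop address 203.0.113.1 are constructed for this example; the "S" code for the static default route is the show ip route legend code, which the notes do not list.

```python
import ipaddress


class Router:
    """Toy routing table using the codes from the notes: C (connected), L (local), plus S for a static default route."""

    def __init__(self):
        self.routes = []    # entries of (network, code, next_hop, interface)

    def configure_interface(self, name, ip_with_mask):
        """'ip address' + 'no shutdown' adds two routes: the connected network and the /32 local address."""
        iface = ipaddress.ip_interface(ip_with_mask)
        self.routes.append((iface.network, "C", None, name))
        self.routes.append((ipaddress.ip_network(f"{iface.ip}/32"), "L", None, name))

    def add_default_route(self, next_hop):
        """0.0.0.0/0 matches every destination, so it is used only when nothing more specific matches."""
        self.routes.append((ipaddress.ip_network("0.0.0.0/0"), "S", ipaddress.ip_address(next_hop), None))

    def lookup(self, dst):
        """Longest-prefix match: of all routes containing dst, the one with the longest netmask wins."""
        dst = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if dst in r[0]]
        return max(matches, key=lambda r: r[0].prefixlen) if matches else None

    def forward(self, dst):
        """Describe what the router does with a packet to dst, per the next-hop rules in the notes."""
        route = self.lookup(dst)
        if route is None:
            return "drop: no route"
        network, code, next_hop, iface = route
        if code == "L":
            return "receive: destination is the router's own address"
        if code == "C":
            return f"send directly to {dst} out {iface}"
        return f"send to next hop {next_hop}"

    def show_ip_route(self):
        """Lines in the spirit of 'show ip route', most specific route first."""
        return [f"{code:<2} {net}" + (f" via {nh}" if nh else f" is directly connected, {iface}")
                for net, code, nh, iface in sorted(self.routes, key=lambda r: -r[0].prefixlen)]


def default_route_size():
    """Number of addresses covered by 0.0.0.0/0 (the notes' figure of 4,294,967,296)."""
    return ipaddress.ip_network("0.0.0.0/0").num_addresses


if __name__ == "__main__":
    r1 = Router()
    r1.configure_interface("G0/0", "192.168.1.1/24")
    r1.add_default_route("203.0.113.1")            # constructed ISP next hop
    print("\n".join(r1.show_ip_route()))
    for dst in ("192.168.1.1", "192.168.1.50", "198.51.100.7"):
        print(dst, "->", r1.forward(dst))
```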
Trunk port - a switchport which carries multiple VLANs.
In a small network with few VLANs, it is possible to use a separate interface for each VLAN when connecting switches to switches, and switches to routers. When the number of VLANs increases, this is not viable. It will result in wasted interfaces, and often routers won't have enough interfaces for each VLAN. In this case you can use a trunk port to carry traffic from multiple VLANs over a single interface.
Switches will "tag" all frames that they send over a trunk link. This allows the receiving switch to know which VLAN the frame belongs to.
Trunk ports are also known as tagged ports.
Access ports are also known as untagged ports.

VLAN Tagging
Two main trunking protocols:
1. ISL (Inter-Switch Link) - old Cisco proprietary protocol
2. IEEE 802.1Q, usually called dot1q - industry standard protocol
The 802.1Q tag is 4 bytes (32 bits) in length and consists of two main fields:
1. Tag Protocol Identifier (TPID)
2. Tag Control Information (TCI) - consists of three sub-fields

802.1Q Tag - TPID (Tag Protocol Identifier)
- 16 bits (2 bytes) in length
- Always set to a value of 0x8100 (indicates that the frame is 802.1Q tagged)

802.1Q Tag - DEI (Drop Eligible Indicator)
- 1 bit in length
- Used to indicate frames that can be dropped if the network is congested.

802.1Q Tag - VID (VLAN ID)
- 12 bits in length
- Identifies the VLAN the frame belongs to.
- 4096 total VLANs, range of 0-4095
- VLANs 0 and 4095 are reserved and can't be used, so the actual VLAN range is 1-4094

VLAN Range
The VLAN range is divided into two sections:
1. Normal VLANs: 1-1005
2. Extended VLANs: 1006-4094

Native VLAN
- 802.1Q has a feature called the native VLAN.
- The native VLAN is VLAN 1 by default on all trunk ports and can be manually configured on each trunk port.
- The switch does not add an 802.1Q tag to frames in the native VLAN.
- When a switch receives an untagged frame on a trunk port, it assumes the frame belongs to the native VLAN.
It is very important that the native VLAN matches
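The 802.1Q tagging rules from Module 8, as an added example that is not part of the original notes: it inserts and strips the 4-byte tag (TPID 0x8100, then TCI = PCP, DEI, VID), leaves native-VLAN frames untagged, maps an untagged frame received on a trunk to the native VLAN, and shows the VLAN a frame lands in when the two ends of a trunk disagree on the native VLAN. The sample frame is constructed from the MAC addresses in the notes; the function names are this example's own.

```python
import struct

TPID_DOT1Q = 0x8100   # TPID value the notes give for an 802.1Q-tagged frame

# Constructed sample frame: dst MAC and src MAC from the notes, EtherType IPv4, 46 zero bytes of payload.
# The FCS is omitted: switch hardware recomputes it after inserting or removing a tag.
FRAME = bytes.fromhex("00115ccc5c00") + bytes.fromhex("5c235a242b3d") + struct.pack("!H", 0x0800) + bytes(46)


def vlan_range(vid):
    """Classify a VID the way the notes do: reserved (0, 4095), normal (1-1005) or extended (1006-4094)."""
    if vid in (0, 4095):
        return "reserved"
    if not 1 <= vid <= 4094:
        return "invalid"
    return "normal" if vid <= 1005 else "extended"


def send_on_trunk(frame, vid, native_vlan=1, pcp=0, dei=0):
    """Insert the 4-byte tag after the source MAC; frames in the native VLAN leave the trunk untagged."""
    if vlan_range(vid) not in ("normal", "extended"):
        raise ValueError(f"VLAN {vid} cannot be used")
    if vid == native_vlan:
        return frame
    tci = (pcp << 13) | (dei << 12) | vid    # TCI = PCP (3 bits) | DEI (1 bit) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_DOT1Q, tci) + frame[12:]


def receive_on_trunk(frame, native_vlan=1):
    """Return (vid, pcp, dei, untagged_frame); an untagged frame is assumed to belong to the native VLAN."""
    if struct.unpack("!H", frame[12:14])[0] != TPID_DOT1Q:
        return native_vlan, 0, 0, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13, (tci >> 12) & 1, frame[:12] + frame[16:]


def vlan_after_trunk(vid, sender_native, receiver_native):
    """VLAN the receiving switch assigns to a frame sent in vid; differs from vid when the native VLANs mismatch."""
    return receive_on_trunk(send_on_trunk(FRAME, vid, sender_native), receiver_native)[0]


if __name__ == "__main__":
    tagged = send_on_trunk(FRAME, 20, pcp=5)
    print(tagged[12:16].hex(), receive_on_trunk(tagged)[:3])          # 8100a014 (20, 5, 0)
    print(vlan_after_trunk(1, sender_native=1, receiver_native=10))   # 10: the frame ends up in VLAN 10
```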