Network Administration Notes.pdf


Network Administration - involves overseeing and managing a computer network to ensure it operates efficiently and securely. This includes tasks such as setting up and configuring network hardware and software, monitoring network performance, maintaining network infrastructure, troubleshooting issues, and implementing security measures to protect the network from threats. Network administrators are responsible for ensuring that the network remains reliable and available to users, and they often work to optimize network performance and plan for future network growth.

GOALS
➔ Maintaining Resiliency: Ensuring network resilience and consistent functionality and availability.
➔ Capacity Planning: Planning and enhancing capacity to ensure smooth access and operations.
➔ Automated Management: Utilizing networking tools for automated management and improved control.
➔ Change Tracking: Monitoring and recording essential changes.
➔ Risk Management: Assessing potential risks and implementing effective mitigation strategies.
➔ Security Prevention: Preventing actions that could compromise the network or turn it into an attack vector.
➔ Intrusion Detection: Detecting and addressing intrusions to prevent security breaches that could jeopardize data.

KEY AREAS
1. Fault Management - This area is dedicated to overseeing the entire infrastructure, aiming to detect and resolve issues that might impact it. Fault management employs standard network protocols like Simple Network Management Protocol (SNMP) to monitor the infrastructure.
2. Configuration Management - Configuration management involves tracking and managing changes to network components, such as switches, firewalls, hubs, and routers. Unexpected changes can significantly impact the network, potentially causing downtime. Therefore, it is crucial to efficiently streamline, monitor, and control configuration changes.
3. Account Management - Network usage can greatly impact various components. Account management helps track this usage, allowing organizations to estimate, plan for, and possibly bill different departments accordingly. While smaller organizations might not prioritize account management and billing, monitoring network utilization is crucial for all networks, as it can reveal trends and inefficiencies.
4. Performance Management - To ensure efficient operations, administrators must prioritize maintaining service levels, which is where performance management becomes essential. Performance management involves gathering metrics and analytical data to continuously evaluate network performance, such as response times and packet loss.
5. Security Management - Security management, a critical aspect of network administration, focuses on ensuring that only authorized activities, devices, and users have access to the network. This involves employing various strategies, such as threat management, intrusion detection, and firewall management, to keep the network secure. Security management includes gathering and analyzing network data to identify and prevent malicious or suspicious activities.

Network Administrator - is an IT professional responsible for overseeing an organization's network. This role requires extensive technical expertise, and the network administrator is typically the top technical authority within the organization. Their duties include ensuring the network remains operational, monitoring its functions, and managing its operations. Additionally, network administrators are responsible for installing, maintaining, and upgrading the software and hardware necessary for the efficient operation of the network, which may include local area networks (LANs), wide area networks (WANs), the Internet, and intranets.

ROLES & RESPONSIBILITIES
➔ Assess the organization’s network and system needs.
➔ Research and evaluate network devices, protocols, services, and standards to support network functions.
➔ Install and maintain network servers and operating systems, ensuring that backup copies of all files are securely stored in a designated location.
➔ Troubleshoot issues with network devices and perform updates as needed.
➔ Install, configure, and manage multi-user software on servers.
➔ Oversee and maintain end-user accounts, authentication processes, and permission settings.
➔ Install, configure, and manage network communication devices, such as hubs, switches, and UPS systems.
➔ Ensure the proper functioning and maintenance of all network-connected devices.
➔ Manage security measures, including antivirus software, firewalls, and intrusion detection systems.
➔ Install and configure software, hardware, and other devices to meet the organization’s network requirements.

Network Documentation - is the process of recording detailed information about a computer network's configuration, components, and operations. Network documentation helps ensure that network administrators and IT staff have a clear understanding of the network’s structure and can efficiently manage, troubleshoot, and upgrade the network. It also aids in compliance, security, and disaster recovery planning.

Includes:
➔ Network diagrams
➔ Hardware & Software inventories
➔ IP addresses
➔ Network configurations
➔ Procedures for setup and maintenance

Benefits & Importance
Visualization - Creating a diagram that includes all hardware, cables, servers, and cloud connections provides a visual representation of your network. This layout helps you identify potential weaknesses and understand how traffic congestion might be impacting the flow of information.
Troubleshooting - Troubleshooting becomes much simpler when you can pinpoint the exact location of a problem. Consider the time saved during a system failure or unexpected issue with crucial devices. Having a virtual infrastructure map can enable you to restore your company’s operations in a fraction of the time.
Standard Operating Procedures - Relying on only one or two people to understand how your network operates can be problematic if they're unavailable when needed. A network documentation tool allows any IT-savvy individual to step in and continue where the previous person left off.
Budgeting and Forecasting - Documenting your network assists with capacity planning as your organization grows, helps identify and update non-functional devices, and allows you to transition to network documentation software for improved efficiency.
Saving Money - The more familiar you are with your computer network devices, the better you can manage them. This increased efficiency can lead to cost savings, ultimately benefiting your bottom line.

IP ADDRESSING and SUBNETTING

Terminologies
Bit - Short for "binary digit," a bit is the smallest unit of data in a computer. It can have one of two values: 0 or 1. Bits are the building blocks for all digital data.
Byte - A byte consists of 8 bits. It is a larger unit of data used to represent a single character, such as a letter or a number, in most encoding systems (like ASCII). Bytes are commonly used as the basic addressable element in memory and storage systems.
Subnet Mask - A subnet mask is a 32-bit number used in IP networking to divide an IP address into network and host portions. It helps identify which part of an IP address is used to identify the network and which part identifies individual devices (hosts) on that network.
Octet - An octet is a group of eight bits. In the context of IP addresses and subnet masks, it represents one of the four segments of the address. Each octet is separated by dots in the standard notation of IPv4 addresses.
Host - A host refers to any device that is connected to a network and is capable of sending and receiving data. This could be a computer, server, printer, smartphone, or any other networked device.
Network - A network is a group of interconnected devices (hosts) that communicate with each other. The network allows these devices to share resources, like files, printers, or internet connections.

Decimal to Binary Conversions

Binary to Decimal Conversions

IP ADDRESS - (Internet Protocol Address) is a unique identifier assigned to each device connected to a network that uses the Internet Protocol for communication. It allows devices like computers, smartphones, servers, and other networked hardware to identify and communicate with each other over a network, including the internet.

Internet Protocol (IP) is a set of rules that governs how data is sent and received over the internet or other networks. It is responsible for routing and addressing packets of data so they can travel from the sender to the correct destination. It encodes a network number (ID) and a host number (ID).

Types:
IPv4 Address - An IPv4 address is a 32-bit number, typically written in dotted decimal notation, divided into four octets. For example: 192.168.1.1
IPv6 Address - An IPv6 address is a 128-bit number, written in hexadecimal and separated by colons. For example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334

Public IP Address is an address that is globally unique and assigned to devices that are directly accessible over the internet.
Assigned by - Internet Service Providers (ISPs).
Used for external communication; allows devices to connect to the broader internet.
Visibility - Publicly visible; other devices on the internet can see and communicate with the device using this address.
Example: 203.0.113.5

Private IP Address is an address that is used within a private network (like a home or office network) and cannot be accessed directly from the internet.
Assigned by - Routers or local network administrators.
Used for internal communication within a local network; not routable on the internet.
Visibility - Only visible within the local network.
Example: 192.168.1.10

Classes of Private IP Address

Class A
Range: 1.0.0.0 to 126.255.255.255
Subnet Mask: 255.0.0.0
Network/Host Division: The first octet identifies the network, the remaining three octets identify the host.
Usage: Suitable for very large networks (e.g., multinational corporations, large ISPs).
Private IPs: 10.0.0.0 – 10.255.255.255

Loopback address is a special IP address used to test the network configuration of a device, specifically to verify that the TCP/IP stack is functioning properly on that device without sending any data across the network.

Class B
Range: 128.0.0.0 to 191.255.255.255
Subnet Mask: 255.255.0.0
Network/Host Division: The first two octets identify the network, the remaining two octets identify the host.
Usage: Medium to large-sized organizations (e.g., universities, large companies).
Private IPs: 172.16.0.0 – 172.31.255.255

Class C
Range: 192.0.0.0 to 223.255.255.255
Subnet Mask: 255.255.255.0
Network/Host Division: The first three octets identify the network, the last octet identifies the host.
Usage: Small networks (e.g., small businesses, home networks).
Private IPs: 192.168.0.0 – 192.168.255.255

Class D (Multicast)
Range: 224.0.0.0 to 239.255.255.255
Usage: Reserved for multicast groups (sending data to multiple destinations at once). No specific host assignment, only used for group communication.
Examples: Streaming Services, Online Gaming, Video Conferencing.

Class E (Experimental)
Range: 240.0.0.0 to 255.255.255.255
Reserved for experimental purposes and future use; not used for public addressing. Researchers and developers might use Class E addresses for testing new networking protocols or technologies that are not yet standardized. Class E addresses are reserved for potential future networking innovations that might be developed and standardized.
Default Gateway - is a network device (usually a router) that serves as an access point for devices on a local network to communicate with devices on other networks, such as the internet.
IP Address: Typically the local router's IP address.
Purpose: Directs data packets from devices in a local network to the appropriate external destination, particularly when the destination is outside the local subnet.
Example: If your device's IP address is 192.168.1.10, the default gateway might be 192.168.1.1.

Traffic Movement to a Default Gateway
Traffic refers to the flow of data (packets) across a network. This includes any requests (outbound) or responses (inbound) between devices or systems.

Traffic Movement
1. A device sends data to another network.
2. If the destination IP is outside the local network, the packet is sent to the default gateway.
3. The default gateway checks the destination IP using its routing table (a map that guides packet delivery paths).
4. The default gateway forwards the packet to the appropriate network (another router or the internet).
5. The packet travels through routers to reach the final destination (e.g., a web server).
6. The destination sends a response back through the default gateway.
7. The gateway forwards the response to the original device on the local network.

Common Types of Default Gateway

Home/Residential Default Gateway
A typical router provided by an ISP for home networks. Connects home devices (like computers, smartphones, and smart devices) to the internet and manages traffic within the local network.
Example: A Wi-Fi router with an IP address such as 192.168.1.1. All devices on the home network use this router as their default gateway to access external websites and services.

Business/Enterprise Default Gateway
A more complex router used in larger business or enterprise environments. Connects internal company networks to the internet or other external networks. It also manages traffic between different internal network segments.
Example: A router with multiple IP addresses and interfaces, handling traffic between different subnets like 10.0.0.0/24 and 172.16.0.0/24, and providing internet access.

Subnet Mask
A subnet mask is a 32-bit number used in IP networking to divide an IP address into two parts: the network portion and the host portion. A subnet mask is created by setting the network bits to "1"s and the host bits to "0"s. In any network, two specific host addresses are reserved and cannot be used for devices. The address ending in "0" is reserved as the network address, while the address ending in "255" is designated as the broadcast address.
○ Class A - 255.0.0.0
○ Class B - 255.255.0.0
○ Class C - 255.255.255.0

Broadcast address
A broadcast address is used to signal that the information being transmitted should reach all devices on the local network. These addresses are always the highest value in a network or subnet.

Key Uses:
Network-wide announcements - Routers, switches, or other devices use the broadcast address to send information that needs to reach all devices on the network.
Address Resolution Protocol (ARP) - ARP requests often use the broadcast address to discover the MAC address of a device when only the IP address is known.

Subnetting
Subnetting is a method used to break up one large physical network into multiple smaller, logical networks called subnets. To create subnets, we take some bits from the host portion of an IP address and use them to define smaller networks within the original one. Subnetting was first created to help deal with the limited number of IP addresses available on the internet.

Why use Subnetting?
➔ It allows for better use of IP addresses by allocating only the needed addresses to each subnet.
➔ Reduces broadcast traffic, as broadcasts are limited to each subnet, improving network performance.
➔ Increases security by isolating different departments or sections of a company.
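
Added example (not part of the original notes): the subnet mask, broadcast address and subnetting sections above, worked through in Python. It applies a mask bit by bit, then borrows two host bits from 192.168.1.0/24 to make four subnets; the function names and the choice of network are assumptions made for illustration. With the default 255.255.255.0 mask the network and broadcast addresses end in 0 and 255, and once bits are borrowed each subnet gets its own lowest and highest address.

```python
import ipaddress


def to_int(dotted):
    """Dotted-decimal IPv4 string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    """32-bit integer -> dotted-decimal IPv4 string."""
    return str(ipaddress.IPv4Address(value))


def split_address(ip, mask):
    """Apply a subnet mask: 1 bits select the network part, 0 bits the host part."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    host_bits = ~mask_i & 0xFFFFFFFF          # the "0" bits of the mask
    network = ip_i & mask_i                   # host bits cleared
    broadcast = network | host_bits           # host bits all set (highest address)
    return {
        "mask_binary": ".".join(f"{b:08b}" for b in mask_i.to_bytes(4, "big")),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "host_part": ip_i & host_bits,
        # network and broadcast addresses cannot be given to devices
        "usable_hosts": max(broadcast - network - 1, 0),
    }


def subnet(cidr, borrowed_bits):
    """Borrow host bits to split one network into 2**borrowed_bits subnets."""
    parent = ipaddress.ip_network(cidr)
    rows = []
    for child in parent.subnets(prefixlen_diff=borrowed_bits):
        rows.append({
            "subnet": str(child),
            "mask": str(child.netmask),
            "network": str(child.network_address),
            "first_host": str(child.network_address + 1),
            "last_host": str(child.broadcast_address - 1),
            "broadcast": str(child.broadcast_address),
            "usable_hosts": child.num_addresses - 2,
        })
    return rows


def same_subnet(ip_a, ip_b, mask):
    """Two hosts share a subnet only if their network parts are equal."""
    mask_i = to_int(mask)
    return (to_int(ip_a) & mask_i) == (to_int(ip_b) & mask_i)


if __name__ == "__main__":
    print(split_address("192.168.1.10", "255.255.255.0"))
    for row in subnet("192.168.1.0/24", 2):
        print(row)
    # Isolation: .10 and .70 share the /24 but land in different /26 subnets.
    print(same_subnet("192.168.1.10", "192.168.1.70", "255.255.255.0"))
    print(same_subnet("192.168.1.10", "192.168.1.70", "255.255.255.192"))
```
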
Network Identification

Basic Networking Commands

ipconfig (Internet Protocol Configuration)
A command used in Windows to view and manage network settings.

What It Shows?
IP Address - Your device's unique address on the network.
Subnet Mask - Defines the network size and how devices communicate within it.
Default Gateway - The address of your router; it connects you to the internet.

Common Options
ipconfig /all - Shows detailed information about all network connections.
ipconfig /release - Disconnects your device from the network.
ipconfig /renew - Reconnects your device to the network, getting a new IP address.

When to Use It
➔ Troubleshooting internet connection issues.
➔ Checking your device’s network settings.

ping (Packet Internet or Inter-Network Groper)
A command used to test the reachability of a device on a network.

What does it do?
➔ Sends small packets of data (called "echo requests") to the specified address.
➔ Waits for a response (called "echo replies").

What does it show?
Time - How long it takes for the packets to travel to the destination and back (measured in milliseconds).
Loss - If any packets didn't return, indicating potential connectivity issues.
TTL (Time to Live) - Indicates how many hops the packet made before reaching its destination.

When to use it?
➔ Checking if a website or device is online.
➔ Troubleshooting network connectivity problems.

tracert (Trace Route)
A command used in Windows to trace the route packets take from your device to a destination on the network.

What Does It Do?
Sends packets to the destination and records each hop the packets go through along the way.

What It Shows?
Hop Count - The number of routers the packet passes through.
IP Addresses - The addresses of each router along the route.
Response Times - How long it takes to reach each router (measured in milliseconds).

When to Use It?
➔ Diagnosing network issues to see where delays or failures occur.
➔ Understanding the path data takes across the internet.
ARP
ARP stands for Address Resolution Protocol. It is used to find the MAC (Media Access Control - Unlike IP addresses, which can change based on the network, MAC addresses are usually permanent and tied to the hardware of the network interface.) address associated with an IP address on a local network.

Common Commands
In Command Prompt or Terminal, you can type arp -a to display the current ARP table, showing the IP addresses and their corresponding MAC addresses.

When to Use It?
➔ Troubleshooting network issues to ensure that devices can communicate properly.
➔ Checking the mapping of IP addresses to MAC addresses on your local network.

ping 127.0.0.1
The loopback address is a special IP address, typically 127.0.0.1, that points back to your own device. It allows you to test network functions locally without needing an external network connection.

What Does It Do?
Sends packets to your own computer, allowing you to check if the network stack is working properly.

Purpose
Testing - Useful for troubleshooting network software and configurations.
Performance Check - Helps verify that the TCP/IP stack is installed and functioning correctly on your device.

Expected Result
You should receive replies indicating the time taken for the packets to return. If you see replies, it means your network stack is functioning properly.

Routing - is the process of forwarding packets from network to network through best paths. Routing is a job done by special devices called routers. The routers decide how to forward a packet based on its destination address, which is compared to information the router keeps in special routing tables.

Routing table is like a map that a router uses. It lists all the networks the router knows about and shows which direction (or which neighboring router) to send a packet so it can reach its final destination.

Basic Routing Process
How does a packet from a source IP address of 10.0.1.2 (PC1) route to a destination IP of 10.0.2.2 (PC2)?
1. PC1 needs to determine the MAC address of a router, so it sends an ARP request. The switch will receive the ARP request and send an ARP reply to PC1. Then PC1 forwards the data frame to the router’s MAC address.
2. Router 1 receives the data frame from PC1 and looks at the IP header. It determines the best path by looking at the routing table, then forwards the data frame via Serial 1/1.
3. Router 2 receives the data frame and looks at the IP header to determine the destination network. If it is on Router 2’s network, Router 2 sends an ARP request to find the destination.
4. Router 2 will receive an ARP reply from Switch 2, then forward the data frame to PC2’s MAC address.
5. If the destination is not among Router 2’s networks, then it forwards it to the next router.

Types of Networks in the Routing Table
Directly connected networks: These networks are connected directly to the router.
Remote networks: These networks are connected to other routers.

Types of Remote Routing
Static Routing - the network administrator manually constructs the routing table in every router by putting in the entries for every network that could be a destination. Static routes to network destinations are unchangeable.
Dynamic Routing - consists of routing tables that are built and maintained automatically through an ongoing communication between routers. This communication is facilitated by a routing protocol.

Routing Protocols - protocols that are used by a router to determine the appropriate path over which data is transmitted. Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF) are some examples of routing protocols.
Load Balancing
When a router has two or more ways to get to the same destination, and both ways seem equally good (same cost or efficiency), the router splits the data and sends it through both paths equally. In the routing table, the destination appears once, but it shows multiple "exits" or paths to get there. If set up properly, this process, called load balancing, can make the network work better by using all available paths. Equal cost load balancing works with both automatic routing protocols (like RIP, EIGRP, OSPF) and manually set routes (static routes).

Routing Protocol Metrics
A value used by routing protocols to determine the best path for data. If multiple routes exist, the protocol uses metrics to pick the best one. The route with the lowest metric value is chosen as the best path. Metrics vary by protocol (e.g., RIP, OSPF, EIGRP).

Examples of Metrics
Hop Count - The number of routers data has to pass through to reach its destination.
Delay - The time it takes for data to travel through the network.
Load - How much traffic or activity is already on the path.

Why is lower better?
Hop Count - Fewer hops mean less chance for delay or failure, so a lower hop count is more efficient.
Delay - A shorter delay means faster data transmission, which improves overall performance.
Load - Less load means the path is less congested, so it will be faster and more reliable.

Types of Routing Protocols
Distance Vector vs. Link-State
Distance-Vector Protocol - This type of protocol calculates the best route by measuring the number of hops to reach a destination, with each router sharing information about its directly connected networks.
Link-State Protocol - This protocol builds a complete map of the network, allowing each router to calculate the shortest path to all destinations based on the entire network's structure.
These two terms describe how different routing protocols function.
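
Added example (not part of the original notes): the default-gateway decision, routing-table lookup, lowest-metric selection and equal-cost load balancing described above, as a small Python model. The routing table, next-hop addresses and every interface name other than Serial 1/1 are constructed for illustration; choosing the most specific matching network first is standard IP forwarding behaviour that the notes do not spell out.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str     # destination network in CIDR form
    next_hop: str   # neighbouring router, or "connected"
    interface: str  # exit interface
    metric: int     # lower is better


# Constructed routing table for Router 1 in the PC1 -> PC2 walk-through.
ROUTER1 = [
    Route("10.0.1.0/24", "connected", "FastEthernet 0/0", 0),
    Route("10.0.2.0/24", "10.0.12.2", "Serial 1/1", 2),
    Route("10.0.2.0/24", "10.0.13.2", "Serial 1/2", 2),   # equal cost
    Route("10.0.2.0/24", "10.0.14.2", "Serial 1/3", 5),   # worse metric
    Route("10.0.0.0/8", "10.0.15.2", "Serial 1/4", 1),    # less specific
    Route("0.0.0.0/0", "10.0.16.2", "Serial 1/0", 1),     # default route
]


def host_first_hop(host_ip, mask, gateway, destination):
    """A host delivers locally if the destination is in its own subnet,
    otherwise it hands the packet to the default gateway."""
    local = ipaddress.ip_network(f"{host_ip}/{mask}", strict=False)
    return destination if ipaddress.ip_address(destination) in local else gateway


def lookup(table, destination):
    """Return the best route(s): most specific network, then lowest metric.
    More than one result means equal-cost paths."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in table if dest in ipaddress.ip_network(r.prefix)]
    if not matches:
        return []
    longest = max(ipaddress.ip_network(r.prefix).prefixlen for r in matches)
    specific = [r for r in matches
                if ipaddress.ip_network(r.prefix).prefixlen == longest]
    best = min(r.metric for r in specific)
    return [r for r in specific if r.metric == best]


class Forwarder:
    """Splits packets evenly across equal-cost paths (per-packet round robin)."""

    def __init__(self, table):
        self.table = table
        self._turn = {}

    def forward(self, destination):
        paths = lookup(self.table, destination)
        if not paths:
            return None  # no route: the packet is dropped
        key = paths[0].prefix
        i = self._turn.get(key, 0)
        self._turn[key] = (i + 1) % len(paths)
        return paths[i].interface


if __name__ == "__main__":
    print(host_first_hop("10.0.1.2", "255.255.255.0", "10.0.1.1", "10.0.2.2"))
    fwd = Forwarder(ROUTER1)
    for _ in range(4):
        print("10.0.2.2 ->", fwd.forward("10.0.2.2"))
    print("203.0.113.5 ->", fwd.forward("203.0.113.5"))
```
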
Types of Routing Protocols
RIP (Routing Information Protocol) - This is a distance-vector protocol. It finds the best route for data based on the number of hops (how many routers the data has to pass through). Fewer hops means a better route.
EIGRP (Enhanced Interior Gateway Routing Protocol) - Similar to RIP, EIGRP also uses distance (number of hops) to decide the best route but is more advanced and efficient.
OSPF (Open Shortest Path First) - This is a link-state protocol. It creates a map of the entire network and calculates the best route based on the shortest path between devices.
BGP (Border Gateway Protocol) - This is a hybrid protocol because it combines both distance-vector and link-state methods to decide the best route, often used between large networks (like the internet).

RIP is a protocol that helps routers share information about the networks they know. It uses hop count (the number of routers a data packet passes through) to decide the best route. Fewer hops = better path. Routing updates (information about the network) are broadcast to all routers every 30 seconds, so they stay updated.
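
Added example (not part of the original notes): a simplified simulation of the RIP behaviour described above, in which routers advertise the networks they know to their neighbours once per update interval and keep the route with the fewest hops. The four-router topology and network numbers are constructed; counting a directly connected network as 0 hops is a simplification chosen for this example, and 16 as "unreachable" is RIP's own limit rather than something stated in the notes.

```python
INFINITY = 16          # RIP treats 16 hops as unreachable
UPDATE_INTERVAL = 30   # seconds between routing updates, as stated in the notes

# Constructed topology: R1-R2-R3-R4 in a line, plus a shortcut link R1-R3.
LINKS = [("R1", "R2"), ("R2", "R3"), ("R3", "R4"), ("R1", "R3")]
CONNECTED = {
    "R1": ["10.0.1.0/24"],
    "R2": ["10.0.2.0/24"],
    "R3": ["10.0.3.0/24"],
    "R4": ["10.0.4.0/24"],
}


def build_tables(connected):
    """Each router starts out knowing only its directly connected networks."""
    return {router: {net: (0, "connected") for net in nets}
            for router, nets in connected.items()}


def exchange(tables, links):
    """One update round: every router sends its table to each neighbour.
    Returns True if any router learned a new or shorter route."""
    # All routers advertise what they knew at the start of the round.
    snapshot = {router: dict(table) for router, table in tables.items()}
    changed = False
    for a, b in links:
        for sender, receiver in ((a, b), (b, a)):
            for net, (hops, _via) in snapshot[sender].items():
                cost = min(hops + 1, INFINITY)   # one more router on the path
                current = tables[receiver].get(net, (INFINITY, None))[0]
                if cost < current:               # fewer hops = better path
                    tables[receiver][net] = (cost, sender)
                    changed = True
    return changed


def converge(connected, links):
    """Run update rounds until no table changes; return tables and round count."""
    tables = build_tables(connected)
    rounds = 0
    while exchange(tables, links):
        rounds += 1
    return tables, rounds


if __name__ == "__main__":
    tables, rounds = converge(CONNECTED, LINKS)
    print(f"converged after {rounds} updates (~{rounds * UPDATE_INTERVAL} s)")
    for router in sorted(tables):
        for net, (hops, via) in sorted(tables[router].items()):
            print(f"{router}: {net} hops={hops} via {via}")
```
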
