Overview of Networking
Basics of Networking
[Figure: a source system and a destination system (each a workstation/PC) connected by a medium]
[Figure: A typical network. Labels: external nodes (or stations), cloud, internal nodes (switching devices)]
T H A N K Y O U. . .
All information, including graphical representations, etc provided in this presentation is for exclusive use of current Globsyn
Skills students and faculty. No part of the document may be reproduced in any form or by any means, electronic or otherwise,
without written permission of the owner.
Topologies
Bus Topology
Bus: each node is daisy-chained (connected one right after the other)
along the same backbone. Information sent from a node travels along
the backbone until it reaches its destination node. Each end of a bus
network must be terminated with a resistor to keep the
Ring Topology
Similar to a bus network, rings have nodes daisy-chained, but the end of
the network in a ring topology comes back around to the first node,
creating a complete circuit. Each node takes a turn sending and receiving
information through the use of a token. The token, along with any data,
is sent from the first node to the second node, which extracts the data
addressed to it and adds any data it wishes to send. Then the second node
passes the token and data to the third node, and so on, until it comes
back around to the first node again. Only the node with the token is
allowed to send data. All other nodes must wait for the token to come to
them.
Star Topology
In a star network, each node is connected to a central device called a
hub. The hub takes a signal that comes from any node and passes it along
to all the other nodes in the network.
A hub does not perform any type of filtering or routing of the data.
A hub is a junction that joins all the different nodes together.
Star-Bus Topology
Probably the most common topology used today. Combines elements of the
star and bus topologies to create a versatile network environment.
Nodes in particular areas are connected to hubs (and create a star
topology), and hubs are connected together along the network backbone
(like a bus network).
Often you have stars nested within stars.
Mesh Topology
Types of Network
Network configuration
Peer-to-Peer network
Coaxial cable
Widely installed for use in business and corporation Ethernet and other
types of LANs.
Consists of inter copper insulator covered by cladding material, and
then covered by an outer jacket
Physical Descriptions:
Applications:
TV distribution (cable tv); long distance telephone transmission; short
run computer system links
Local area networks
Transmission characteristics:
Can transmit analog and digital signals
Usable spectrum for analog signaling is about 400 MHz
Analog signals need an amplifier at intervals of less than 1 km, and at
shorter intervals for higher frequencies
Digital signals need a repeater every km, or at shorter intervals for
higher data rates
Operation of 100s Mb/s over 1 km
Application:
Common in building for digital signaling used at speed of 10s Mb/s
(CAT3) and 100Mb/s (CAT5) over 100s meters.
Common for telephone interconnection at home and office buildings
Less expensive medium; limited in distance, bandwidth, and data rate
Category | Maximum data rate | Usual application
CAT 1 | Less than 1 Mbps |
CAT 2 | 4 Mbps |
CAT 3 | 16 Mbps |
CAT 4 | 20 Mbps |
 | 100 Mbps |
Optical Fibers
Physical Description:
Glass or plastic core of optical fiber = 2 to 125 µm
Cladding is an insulating material
Jacket is a protective cover
Laser or light emitting diode provides transmission light source
Applications:
Long distance telecommunication
Greater capacity; 2 Gb/s over 10s of Km
Smaller size and lighter weight
Lower attenuation (reduction in strength of signal)
Electromagnetic isolation: not affected by the external electromagnetic
environment. Aka more privacy
Greater repeater spacing: fewer repeaters, reduces line regeneration cost
Wireless Transmission
Frequency range (line of sight):
26 GHz to 40 GHz: for microwave with highly directional beam as
possible
30 MHz to 1 GHz: for omni directional applications
300MHz to 20000 GHz: for infrared spectrum; used for point to
point and multiple point application (line of sight)
Physical applications:
Terrestrial microwave long haul telecommunication service
(alternative to coaxial or optical fiber)
Few amplifier and repeaters
Propagation via towers located without blockage from trees, etc
(towers less than 60 miles apart)
Wireless LAN
Hiper LAN (European standard): allows communication at up to 20
Mbps in the 5 GHz range of the radio frequency (RF) spectrum
Hiper LAN/2 operates at about 54 Mbps in the same RF band
Network Components
Hubs
A hub is the place where data converges from one or more directions
and is forwarded out in one or more directions.
Seen in local area networks
Gateways
Routers
Bridge
Differences
Bridge: device to interconnect two LANs that use the SAME logical
link control protocol but may use different medium access control
protocols
Router: device to interconnect SIMILAR networks, e.g. similar
protocols and workstations and servers
Gateway: device to interconnect DISSIMILAR protocols and servers,
and Macintosh and IBM LANs and equipment
Switches
IEEE Standards
Introduction
IEEE 802 refers to a family of IEEE standards
Dealing with local area network and metropolitan area network
Restricted to networks carrying variable-size packets
Specified in IEEE 802 map to the lower two layers
Data link layer
LLC sub layer
MAC sub layer
Physical layer
The most widely used standards
The Ethernet family, Token Ring, Wireless LAN
Bridging and Virtual Bridged LANs
An individual Working Group provides the focus for each area
[Figure: IEEE 802 working groups. Labels: 802.2, 802.3, 802.7, 802.8, 802.9, Group]
Advantages
Flexible deployment
Minimal wiring difficulties
More robust against disasters (earthquake etc)
[Figure labels: AP, wired network]
Disadvantages
Low bandwidth compared to wired networks (1-10 Mbit/s)
Need to follow wireless spectrum regulations
Not support mobility
802.11
Protocol | Release date | Op. Frequency | Data rate (Max) | Range (indoor) | Range (outdoor)
Legacy | 1997 | 2.5~2.5 GHz | 2 Mbit/s | |
802.11a | 1999 | 5.15~5.35/5.47~5.725/5.725~5.875 GHz | 54 Mbit/s | ~25 m | ~75 m
802.11b | 1999 | 2.4~2.5 GHz | 11 Mbit/s | ~35 m | ~100 m
802.11g | 2003 | 2.4~2.5 GHz | 54 Mbit/s | ~25 m | ~75 m
802.11n | 2007 | 2.4 GHz or 5 GHz | 540 Mbit/s | ~50 m | ~125 m
802.15.1 : WPAN/Bluetooth
802.15.2 : Coexistence Group
802.15.3 : High Rate (HR) WPAN Group
802.15.3a : WPAN HR Alternative PHY Task Group
802.15.3b : MAC Amendment Task Group
802.15.4 : Low Rate (LW) WPAN Group (Zigbee)
802.15.4a : WPAN Low Rate Alternative PHY
802.15.4b : Revisions and Enhancements
UWB Forum
[Figure: wireless standards. Labels: WWAN (IMT-2000), cdma2000 1xEV-DO, cdma2000 1xEV-DV, 2G/2.5G, Cellular, WCDMA HSDPA, 802.16e, 802.16a (WiMAX), 802.15.1 (Bluetooth), 802.11 (WLAN), 802.15.3a (UWB)]
Types of Network
MAN Architecture
WAN Architecture
PAN Architecture
OSI Model
Establish/manage connection
End-to-end control & error checking
(ensure complete data transfer): TCP
Routing and Forwarding Address: IP
TCP
The Transmission Control Protocol (TCP) is one of the core protocols of
the Internet Protocol Suite. TCP is one of the two original components of
the suite, complementing the Internet Protocol (IP), and therefore the entire
suite is commonly referred to as TCP/IP. TCP provides reliable, ordered
delivery of a stream of bytes from a program on one computer to another
program on another computer. TCP is the protocol used by major Internet
applications such as the World Wide Web, email, remote
administration and file transfer. Other applications, which do not require
reliable data stream service, may use the User Datagram Protocol (UDP),
which provides datagram service that emphasizes reduced latency over
reliability.
File Transfer Protocol
IPX/SPX
IPX/SPX is a routable protocol and can be used for small and large
networks. It was created by Novell primarily for Novell NetWare networks,
but is popular enough that it is used on products that are not from Novell.
NCP - NetWare Core Protocol provides for client/server interactions
such as file and print sharing. It works at the application, presentation, and
session levels.
SAP - Service Advertising Protocol packets are used by file and print
servers to periodically advertise the address of the server and the services
available. It works at the application, presentation, and session levels.
IPX/SPX
SPX - Sequenced Packet Exchange operates at the transport layer
providing connection oriented communication on top of IPX.
IPX - Internetwork Packet Exchange supports the transport and
network layers of the OSI network model. Provides for network
addressing and routing. It provides fast, unreliable, communication
with network nodes using a connection less datagram service.
Network Level Protocols
OSI layer | Protocol
Application, Presentation, Session | NCP, SAP
Transport | SPX
Network | IPX
Data Link | NDIS/NIC drivers
NetBIOS
NetBIOS is an acronym for Network Basic Input/Output System. It
provides services related to the session layer of the OSI model allowing
applications on separate computers to communicate over a local area
network. As strictly an API, NetBIOS is not a networking protocol.
Older operating systems ran NetBIOS over IEEE 802.2 and IPX/SPX using
the NetBIOS Frames (NBF) and NetBIOS (NBX) protocols, respectively.
In modern networks, NetBIOS normally runs over TCP/IP via the NetBIOS
over TCP/IP (NBT) protocol. This results in each computer in the network
having both an IP address and a NetBIOS name corresponding to a
(possibly different) host name.
Apple Talk
Apple Talk..Continued
The rise of TCP/IP during the 1990s led to a re-implementation of most of
these types of support on that protocol, and AppleTalk became unsupported
as of the release of Mac OS X v10.6 in 2009. Many of AppleTalk's more
advanced auto-configuration features have since been introduced
in Bonjour.
Telnet
SNMP
DNS
SLIP/PPP
IP Addressing
What is an IP address?
Types of IP address
Static address
Dynamic address
Static IP address
Manually input by network administrator
Manageable for small networks
Requires careful checks to avoid duplication
Dynamic IP address
Examples - BOOTP, DHCP
Assigned by server when host boots
Derived automatically from a range of addresses
Duration of lease negotiated, then address released back to server
Class A IP address
1st octet = network address, octets 2-4 = host address
1st bit of 1st octet set to 0
up to (2^24 - 2) host addresses (16.8M)
Class B IP address
1st 2 octets = network address, octets 3-4 = host address
1st 2 bits of 1st octet set to 10
up to (2^16 - 2) host addresses (65534)
Class C IP address
Routing tables
Identifying source and destination
IP packet routing
Tables
Created by router, held in memory, constantly updated
Based on cross-referencing
IP packet source address, and port on which received
Why subnet
Reduce broadcast domain, improve network efficiency
Subnet masks
IP Routing
When we want to connect two or more networks that use different network
addresses, we have to use IP routing. A router performs the routing
between the networks, and carries out the following functions:
Path determination
Packet forwarding
Path determination
The process of obtaining a path in the routing table is called path
determination. There are three different methods by which a router can
learn a path:
Automatic detection of directly connected networks
Static and default routing
Dynamic routing
Packet forwarding
This process is enabled by default in a router. The router will
perform packet forwarding only if a route is available in the routing
table.
Routing Process
The PC has a packet whose destination address is not on the local
network.
The PC sends an ARP request for the default gateway. The router
replies to the ARP request and informs the PC of its MAC address.
The PC encapsulates the data: the source IP is the PC itself, the
destination IP is the server, the source MAC is the PC's LAN interface
and the destination MAC is the router's LAN interface.
[Figure: PC1 (10.0.0.6) sends a frame through router R1 (10.0.0.1) towards 172.16.0.5. Frame fields: S. MAC = PC1, D. MAC = R1, S. IP = 10.0.0.6, D. IP = 172.16.0.5]
The router receives the frame and stores it in its buffer. Once it has
extracted the packet from the frame, it forwards the data according to
the destination IP of the packet. The router obtains a route from the
routing table, according to which the next hop IP and interface are
selected.
According to the next hop, the packet is encapsulated in a new frame
and the data is sent to the output queue of the interface.
Static Routing
In static routing, we use ip route commands to specify routes for
different networks. The administrator analyzes the whole internetwork
topology and then specifies the route for each network that is not
directly connected to the router.
Steps to perform static routing
Create a list of all networks present in the internetwork.
Remove from the list the networks that are directly connected to the
router.
Specify a route for each remaining network by using the ip route command.
Router(config)#ip route <destination n/w> <mask> <next hop ip>
Next hop IP: the IP address of the neighbor router that is directly
connected to our router.
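The routing process and the static route described above, worked through as an added example (not part of the original slides). The addresses of PC1, R1 and the server come from the slides; router R2, the 192.168.1.0 link between the routers, the interface names and the MAC labels are constructed for illustration. The ARP exchange is replaced by a lookup table.

```python
import ipaddress
from collections import namedtuple

# The IP fields stay fixed end to end; the MAC fields are rewritten at every hop.
Frame = namedtuple("Frame", "src_mac dst_mac src_ip dst_ip ttl")


class Router:
    def __init__(self, name, arp_table):
        self.name = name
        self.arp = arp_table      # IP -> MAC; stands in for ARP request/reply
        self.connected = []       # (network, interface name, interface MAC)
        self.static = []          # (network, next-hop IP)

    def add_interface(self, ifname, address, mask, mac):
        net = ipaddress.ip_network(f"{address}/{mask}", strict=False)
        self.connected.append((net, ifname, mac))

    def ip_route(self, destination, mask, next_hop):
        """Same arguments as: ip route <destination n/w> <mask> <next hop ip>"""
        net = ipaddress.ip_network(f"{destination}/{mask}")
        self.static.append((net, next_hop))

    def _exit_for(self, ip):
        """Interface name and MAC of the directly connected network holding ip."""
        addr = ipaddress.ip_address(ip)
        hits = [c for c in self.connected if addr in c[0]]
        return max(hits, key=lambda c: c[0].prefixlen)[1:] if hits else None

    def lookup(self, dst_ip):
        """Path determination: (interface, own MAC, next-hop IP), or None."""
        addr = ipaddress.ip_address(dst_ip)
        candidates = [(net, None) for net, _, _ in self.connected if addr in net]
        candidates += [(net, hop) for net, hop in self.static if addr in net]
        if not candidates:
            return None
        _, hop = max(candidates, key=lambda c: c[0].prefixlen)  # longest prefix
        next_hop = dst_ip if hop is None else hop
        exit_if = self._exit_for(next_hop)
        if exit_if is None:       # static next hop is not directly connected
            return None
        return exit_if[0], exit_if[1], next_hop

    def forward(self, frame):
        """Packet forwarding: (interface, new frame), or None if dropped."""
        route = self.lookup(frame.dst_ip)
        if route is None or frame.ttl <= 1 or route[2] not in self.arp:
            return None           # no route, TTL expired, or next hop unresolved
        ifname, own_mac, next_hop = route
        return ifname, frame._replace(src_mac=own_mac,
                                      dst_mac=self.arp[next_hop],
                                      ttl=frame.ttl - 1)


def build_example():
    # Constructed ARP results: IP address -> MAC label.
    arp = {"10.0.0.6": "PC1", "192.168.1.1": "R1-s0",
           "192.168.1.2": "R2-s0", "172.16.0.5": "SRV"}
    r1 = Router("R1", arp)
    r1.add_interface("eth0", "10.0.0.1", "255.0.0.0", "R1-e0")
    r1.add_interface("serial0", "192.168.1.1", "255.255.255.0", "R1-s0")
    r1.ip_route("172.16.0.0", "255.255.0.0", "192.168.1.2")
    r2 = Router("R2", arp)
    r2.add_interface("serial0", "192.168.1.2", "255.255.255.0", "R2-s0")
    r2.add_interface("eth0", "172.16.0.1", "255.255.0.0", "R2-e0")
    r2.ip_route("10.0.0.0", "255.0.0.0", "192.168.1.1")
    return r1, r2


def send_from_pc(dst_ip, ttl=64):
    """PC1 hands the frame to its default gateway R1; follow it hop by hop."""
    r1, r2 = build_example()
    frame = Frame("PC1", "R1-e0", "10.0.0.6", dst_ip, ttl)
    hops = [frame]
    for router in (r1, r2):
        result = router.forward(frame)
        if result is None:
            return hops, "dropped at " + router.name
        frame = result[1]
        hops.append(frame)
    return hops, "delivered"


if __name__ == "__main__":
    for hop in send_from_pc("172.16.0.5")[0]:
        print(hop)
```

The source and destination IP are identical in every hop, while the MAC pair is local to each link; a destination with no matching route is dropped at R1 rather than forwarded.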
Dynamic Routing
In dynamic routing, we enable a routing protocol on the router. This
protocol sends its routing information to the neighbor routers. The
neighbors analyze the information and write new routes to the routing
table.
The routers also pass routing information received from one router on
to other routers. If more than one path is available, the routes are
compared and the best path is selected. Some examples of dynamic
protocols are: RIP, IGRP, EIGRP, OSPF
Types of Dynamic Routing Protocols
According to how they work, there are two types of dynamic routing
protocols:
(1) Distance Vector
(2) Link State
According to the type of area in which the protocol is used, there are
again two types of protocol:
(1) Interior Routing Protocol
(2) Exterior Routing Protocol
Interior Routing: RIP, IGRP, EIGRP, OSPF
Exterior Routing: BGP, EXEIGRP
Hop Count
It is the number of hops (routers) a packet has to travel through to
reach a destination network.
Bandwidth
Bandwidth is the speed of the link. The path with higher bandwidth is
preferred to send the data.
Load
Load is the amount of traffic present on the interface. Paths with lower
load and high throughput are used to send data.
Reliability
Reliability is the up time of the interface over a period of time.
Delay
Delay is the time between a packet being sent and being received by the
destination.
Routing Loops
Routing loops may occur between adjacent routers due to wrong routing
information. Distance vector routing is also called routing by rumor.
Because of this, packets may circulate in a loop until their TTL
expires.
Methods to solve routing loops
There are five different methods to solve or reduce the problem of
routing loops:
Maximum Hop Count
Flash Updates/Triggered Updates
Split Horizon
Poison Reverse
Hold Down
Poison Reverse
This method is the combination of Split Horizon and Flash Updates. It
implements the rule that information received from an interface cannot
be sent back out of that interface, and in case of a topology change
flash updates are sent to the neighbor.
Hold Down
If a route changes frequently, the route is placed in the Hold Down
state and no updates are received until the Hold Down timer expires.
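How a routing loop forms between two adjacent distance-vector routers, and how Maximum Hop Count and Split Horizon bound it, as an added simulation (not part of the original slides). Routers A and B, network N, the synchronous update rounds and the metric 0 for a connected route are assumptions of the example.

```python
# Constructed topology:   A ---- B ---- N
# B is directly connected to network N; A reaches N through B.

INFINITY = 16  # RIP: hop count 16 means unreachable (maximum usable count is 15)


class DVRouter:
    def __init__(self, name):
        self.name = name
        self.neighbors = []
        # destination -> (metric, next hop name); next hop None = connected
        self.routes = {}

    def advertisement_for(self, neighbor, split_horizon):
        """Build the periodic update sent to one neighbor."""
        update = {}
        for dest, (metric, next_hop) in self.routes.items():
            # Split horizon: do not advertise a route back to the router
            # it was learned from.
            if split_horizon and next_hop == neighbor.name:
                continue
            update[dest] = metric
        return update

    def receive(self, sender_name, update):
        for dest, metric in update.items():
            offered = min(metric + 1, INFINITY)
            current = self.routes.get(dest)
            if current is None:
                if offered < INFINITY:
                    self.routes[dest] = (offered, sender_name)
            elif current[1] == sender_name:
                # News from the current next hop is always believed.
                self.routes[dest] = (offered, sender_name)
            elif offered < current[0]:
                # A "better" rumor from another neighbor replaces the route.
                self.routes[dest] = (offered, sender_name)


def link(a, b):
    a.neighbors.append(b)
    b.neighbors.append(a)


def exchange_round(routers, split_horizon):
    """One update interval: every router sends first, then all process."""
    outbox = [(r.name, n, r.advertisement_for(n, split_horizon))
              for r in routers for n in r.neighbors]
    for sender_name, receiver, update in outbox:
        receiver.receive(sender_name, update)


def simulate_failure(split_horizon):
    """Per-round (A metric, B metric) for N after B loses its link to N."""
    a, b = DVRouter("A"), DVRouter("B")
    link(a, b)
    b.routes["N"] = (0, None)                # directly connected
    exchange_round([a, b], split_horizon)    # A learns N via B, metric 1

    b.routes["N"] = (INFINITY, None)         # the link B--N goes down
    history = []
    # Terminates only because the metric is capped at INFINITY
    # (the Maximum Hop Count rule).
    while True:
        exchange_round([a, b], split_horizon)
        history.append((a.routes["N"][0], b.routes["N"][0]))
        if history[-1] == (INFINITY, INFINITY):
            return history


if __name__ == "__main__":
    print("without split horizon:", simulate_failure(False))
    print("with split horizon:   ", simulate_failure(True))
```

Without split horizon the stale route bounces between A and B, one hop worse each round, until both reach 16; during those rounds packets for N loop between the two routers until their TTL expires.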
Loop Control
Split Horizon
Triggered Updates
Maximum Hop Count
Hold Down
Maximum Hop Count 15
Administrative Distance 120
Equal Path Cost Load Balancing
Maximum Load path 6
Default 4
Does not support VLSM
Does not support Autonomous system
Configuring RIP
Router#conf ter
Router(config)#router rip
Router(config-router)#network <own net address>
Router(config-router)#network <own net address>
--------------------------
Router(config-router)#exit
For example:
Router(config-router)#network 10.0.0.0
Router(config-router)#network 172.16.0.0
Router(config-router)#network 200.100.100.0
[Figure: topology for the RIP example. Labels: 10.0.0.1, 172.16.0.6, 200.100.100.12, 175.2.0.0 via 172.16.0.6]
Neighbor RIP
In RIP, by default routing updates are sent to the address 255.255.255.255.
In some scenarios, it may be required to send routing updates as unicast
from one router to another. In this case, we have to configure neighbor RIP.
For example, in a Frame Relay network the broadcast update is discarded by
the switches, so if we want to send RIP updates across the switches then
we have to unicast updates using neighbor RIP.
[Figure: R1 (10.0.0.1) and R2 (10.0.0.2) connected across a Frame Relay cloud. Labels: 255.255.255.255, Unicast 10.0.0.2]
R1
Router(config)#router rip
Router(config-router)#neighbor 10.0.0.2
R2
Router(config)#router rip
Router(config-router)#neighbor 10.0.0.1
Router(config)#router rip
Router(config-router)#distance <value>
Router(config-router)#exit
<value>: 95 or 100
To configure Load Balance
RIP is able to perform equal path cost load balancing. If multiple paths
with equal hop count are available for the destination, RIP will
balance the load equally over all paths.
Load balancing is enabled by default over 4 paths. We can change the
number of paths that can be used simultaneously with the following command:
Router(config)#router rip
Router(config-router)#maximum-paths <1-6>
RIP version 2
RIP version 2 supports the following new features:
Support VLSM (send mask in updates)
Multicast updates using address 224.0.0.9
Support authentication
Bandwidth (default)
Delay (default)
Load
Reliability
MTU
Configuring IGRP
Variance: the multiplier applied to the least metric for a destination
network, up to which the load can be balanced.
Router(config)#router igrp <as no>
Router(config-router)#variance <value>
Router(config-router)#exit
The following options are configured in IGRP the same way as in RIP:
Neighbor
Passive interface
Timer
Distance (AD)
Maximum path
Translation Modes
Dynamic translation (IP masquerading)
Large number of internal users share a single external address
Static translation
A block of external addresses is translated to a same-size block of
internal addresses
Load balancing translation
A single incoming IP address is distributed across a number of
internal servers
Network redundancy translation
Multiple internet connections are attached to a NAT firewall that it
chooses and uses based on bandwidth, congestion and availability
Static Translation
Map a range of external address to the same size block of internal
addresses
Firewall just does a simple translation of each address
Port forwarding - map a specific port to come through the Firewall
rather than all ports; useful to expose a specific service on the internal
network to the public network
Load Balancing
Network Redundancy
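[Figure: hosts 10.0.0.5, 10.0.0.6, 10.0.0.7 and 10.0.0.8 on a switch reach the Internet through a NAT router. Labels: 10.0.0.1, NAT, 200.100.100.12, Internet, Switch]
Port Translation
Inside address | Translated address | Port
10.0.0.5 | 200.100.100.12 | 1080
10.0.0.6 | 200.100.100.12 | 1085
10.0.0.7 | 200.100.100.12 | 1100
10.0.0.8 | 200.100.100.12 | 1024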
Static NAT
This NAT is also used for servers. It provides port-based access to the servers
with the help of NAT.
[Figure: Static NAT, 200.1.1.5 = 192.168.10.6. A router between the Internet and the local network; Live 200.1.1.5, Local 192.168.10.6]
[Figure: servers behind the router. Labels: Web, DNS, 192.168.10.6, 192.168.10.7, Internet]
Configuring NAT
Router#conf ter
Router(config)#int serial 0
Router(config-if)#ip nat outside
Router(config-if)#int eth 0
Router(config-if)#ip nat inside
Router(config-if)#exit
Router(config)#ip nat inside source static 172.16.0.7 200.1.1.3
Router(config)#ip nat inside source static tcp 172.16.0.5 80 200.1.1.4 80
Router(config)#ip nat inside source static udp 172.16.0.6 53 200.1.1.4 53
Router(config)#access-list 30 deny 172.16.0.5
Router(config)#access-list 30 deny 172.16.0.6
Router(config)#access-list 30 deny 172.16.0.7
Router(config)#access-list 30 permit any
Router(config)#ip nat pool abc 200.1.1.8 200.1.1.12 netmask 255.255.255.240
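What the translation table does with dynamic (port) translation and with static port forwarding, as an added model (not part of the original slides and not router code). The outside address 200.100.100.12, the inside hosts and the two static port mappings are taken from the slides; the source-port collision between 10.0.0.8 and 10.0.0.7 is constructed, and the model ignores the remote endpoint and session timeouts that a real NAT also tracks.

```python
class NatRouter:
    def __init__(self, outside_ip, first_port=1024):
        self.outside_ip = outside_ip
        self.next_port = first_port
        self.static = {}    # (proto, outside ip, outside port) -> (inside ip, port)
        self.sessions = {}  # (proto, inside ip, inside port) -> outside port
        self.reverse = {}   # (proto, outside port) -> (inside ip, inside port)

    def add_static(self, proto, inside_ip, inside_port, outside_ip, outside_port):
        """Port forwarding, same values as:
        ip nat inside source static <proto> <inside> <port> <outside> <port>"""
        self.static[(proto, outside_ip, outside_port)] = (inside_ip, inside_port)

    def _port_in_use(self, proto, port):
        return ((proto, port) in self.reverse
                or (proto, self.outside_ip, port) in self.static)

    def outbound(self, proto, inside_ip, inside_port):
        """An inside host opens a connection; return (ip, port) seen outside."""
        key = (proto, inside_ip, inside_port)
        if key not in self.sessions:
            # Keep the source port when it is free, otherwise take the
            # next free one so two inside hosts never share a mapping.
            port = inside_port
            while self._port_in_use(proto, port):
                port = self.next_port
                self.next_port += 1
            self.sessions[key] = port
            self.reverse[(proto, port)] = (inside_ip, inside_port)
        return self.outside_ip, self.sessions[key]

    def inbound(self, proto, outside_ip, outside_port):
        """A packet arrives from outside; return the inside (ip, port) or None."""
        hit = self.static.get((proto, outside_ip, outside_port))
        if hit:
            return hit                      # explicitly exposed service
        if outside_ip == self.outside_ip:
            # Only ports opened by an inside host have a reverse entry.
            return self.reverse.get((proto, outside_port))
        return None                         # no mapping: packet is dropped


def build_example():
    nat = NatRouter("200.100.100.12")
    nat.add_static("tcp", "172.16.0.5", 80, "200.1.1.4", 80)   # web server
    nat.add_static("udp", "172.16.0.6", 53, "200.1.1.4", 53)   # DNS server
    return nat


if __name__ == "__main__":
    nat = build_example()
    for host, port in [("10.0.0.5", 1080), ("10.0.0.8", 1024), ("10.0.0.7", 1024)]:
        print(host, port, "->", nat.outbound("tcp", host, port))
    print("unsolicited:", nat.inbound("tcp", "200.100.100.12", 4444))
```

Inbound traffic is admitted only where a static entry or an existing session says so, which is why port forwarding exposes exactly the one service named in the static line and nothing else on that host.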
The service includes support for dialup and logon, presents the same
network interface as the normal network drivers (albeit slightly slower). It is
not necessary to run Windows NT on the client - there are client versions for
other Windows operating systems.
A feature built into Windows NT enables users to log into an NT-based LAN using a modem, X.25 connection or WAN link. RAS works with
several major network protocols, including TCP/IP, IPX, and NBF.
To use RAS from a remote node, you need a RAS client program, which is
built into most versions of Windows, or any PPP client software. For
example, most remote control programs work with RAS.
Starting in the mid-1990s, several manufacturers such as U.S.
Robotics produced "modem terminal servers". Instead of having RS232 ports, these would directly incorporate an analog modem. These devices
were commonly used by Internet service providers to allow consumer dialup. Modern versions interface to an ISDN PRI instead of having analog
modem ports.
Contention
CSMA/CD: Carrier Sense Multiple Access with Collision Detection
IEEE 802.3 Ethernet LANs use the Carrier Sense Multiple Access
with Collision Detection (CSMA/CD) protocol to detect and handle
collisions on the network. However, WLANs can't use CSMA/CD
because they can't transmit and listen at the same time.
CSMA/CA: Carrier Sense Multiple Access with Collision Avoidance
The IEEE 802.11b standard specifies the carrier sense multiple access
with collision avoidance (CSMA/CA) protocol for WLANs.
CSMA/CA tries to avoid collisions by using explicit packet
acknowledgment.
With CSMA/CA, an acknowledgment packet is sent by the receiving
station to confirm it has received a data packet. If the transmitting
station does not receive the acknowledgment, it assumes that a
collision has occurred and transmits the data packet again.
Token passing
IEEE 802.5 standard deals with Token Ring networks
Token passing is implemented on a token-ring network.
IEEE 802.5 Token Ring networks use a token-passing media access method. A
token is a special packet that gives permission to a device to transmit data on
to the network. When a device receives a token and transmits a frame, the
frame is forwarded around the ring by all attached devices.
When the frame reaches its destination, it is copied and processed by the
receiving device and placed back on the ring. Before placing the frame back on
the ring, the receiving device sets frame-status bits to indicate that the frame
was received. The frame circles the ring until it returns to the original
transmitting device.
Demand Priority
MAC Address
Contains 48-bit destination address
field.
Who is this frame for?
00-C0-F0-56-BD-97
Hey Joe
MAC Address
FF-FF-FF-FF-FF-FF
48 bits, all 1s
All NICs copy the
frame & send it up
the stack
Broadcast Frames
Collision Domain
Reducing Collisions
Collision frequency can be kept low by breaking the network into
segments bounded by:
bridges
switches
routers
Broadcast Domain
Reducing Broadcasts
Shared Ethernet
Hub
Switched Ethernet
Consists of a several segments, each of which is shared by NICs
attached to it.
The network is segmented into several collision domains.
Bridges, switches, and routers create the segment and collision
domain boundaries.
Segments may contain hubs and repeaters.
Switched Ethernet
Switch - 1 port per hub
Hub
Hub
Summary
Term | Includes | Boundary
LAN Segment (Collision domain) | Cable, Repeaters, Hubs | Bridges, Switches, (Routers)
Entire LAN (Broadcast domain) | Everything except Routers | Edge of LAN: Routers
Internetwork (Group of LANs cross-connected by Routers) | LANs & Routers | Edge of Internetwork
[Figure: Example topology of routers, switches and hubs]
Application
First, complete Lab 7A
Then, on a printed copy of the Teaching Topology (curriculum
p7.5.5)
Circle each collision domain - use a solid line.
Circle each broadcast domain - use a dashed line.
Reminder
Collisions
spread throughout a LAN segment
spread across hubs & repeaters
are stopped by switches & bridges
Broadcasts
spread throughout an entire LAN
spread across hubs, switches, bridges
are stopped only by routers
LAN Switching
Ethernet switches are used in a LAN to create Ethernet networks. Switches
forward traffic on the basis of MAC address. Switches maintain a
MAC address table in which MAC addresses and port numbers are used to
make the switching decision. The working of a bridge and a switch is
similar.
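The switching decision described above, as an added model of a learning switch (not part of the original slides). The MAC address 00-C0-F0-56-BD-97 and the broadcast address appear in the slides; the other addresses, the port layout and the hub on port 3 are constructed for the example.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"

# Constructed stations: A on port 1, B on port 2, C and D share port 3
# through a hub (one collision domain behind a single switch port).
HOST_A = "00-C0-F0-56-BD-97"
HOST_B = "00-C0-F0-00-00-0B"
HOST_C = "00-C0-F0-00-00-0C"
HOST_D = "00-C0-F0-00-00-0D"


class LearningSwitch:
    def __init__(self, port_count):
        self.ports = list(range(1, port_count + 1))
        self.mac_table = {}          # MAC address -> port number

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return (decision, ports the frame leaves on)."""
        src, dst = src_mac.upper(), dst_mac.upper()
        # Learn: the source address lives behind the port the frame came in on.
        self.mac_table[src] = in_port
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return "broadcast", others      # switches do not stop broadcasts
        if dst not in self.mac_table:
            return "flood", others          # unknown unicast: every port sees it
        out_port = self.mac_table[dst]
        if out_port == in_port:
            return "filter", []             # destination is on the same segment
        return "forward", [out_port]        # only one port sees the frame


def replay(frames, port_count=4):
    """Feed (in_port, src, dst) tuples to a fresh switch."""
    switch = LearningSwitch(port_count)
    decisions = [switch.receive(*frame) for frame in frames]
    return decisions, switch.mac_table


SAMPLE_FRAMES = [                 # constructed traffic
    (1, HOST_A, BROADCAST),       # A announces itself
    (2, HOST_B, HOST_A),          # B answers A
    (1, HOST_A, HOST_C),          # C has not spoken yet
    (3, HOST_C, HOST_A),          # C answers A
    (3, HOST_D, HOST_C),          # D to C, both behind the hub on port 3
    (1, HOST_A, HOST_C),          # C is now known
]

if __name__ == "__main__":
    decisions, table = replay(SAMPLE_FRAMES)
    for frame, decision in zip(SAMPLE_FRAMES, decisions):
        print(frame, "->", decision)
    print(table)
```

A frame is private to one port only after its destination has been learned; broadcasts and unknown destinations still reach every other port of the broadcast domain.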
Classification of switches
Switches are classified according to the following criteria:
Types of switches based on working
(1) Store & Forward
This switch receives the entire frame, then performs error checking and
starts forwarding data to the destination.
(2) Cut through
This switch starts forwarding the frame as soon as the first six bytes of
the frame are received.
(3) Fragment-free
This switch receives 64 bytes of the frame, performs error checking
and then starts forwarding data.
(4) Adaptive cut-through
It changes its mode according to the conditions. If it sees errors in
many frames, it changes to Store & Forward mode from Cut through or
Fragment-free.
Types of switches based on management
(1) Manageable switches
(2) Non-Manageable switches
(3) Semi-Manageable switches
Types of switches based on OSI layer
(1) Layer 2 switches (only switching)
(2) Layer 3 switches (switching & routing)
Types of switches based on command mode (only in Cisco)
(1) IOS based
(2) CLI based
Type of switches based on hierarchical model
(1) Core layer switches
(2) Distribution layer switches
(3) Access layer switches
Old Switches
Switch(config)#ip address <ip> <mask>
Switch(config)#exit
Configuring Gateway
Switch(config)#ip default-gateway <ip>
Switch(config)#exit
Security Protocol
IPsec
Internet Protocol Security (IPsec) is a protocol suite for securing Internet
Protocol (IP) communications by authenticating and encrypting each IP
packet of a communication session. IPsec also includes protocols for
establishing mutual authentication between agents at the beginning of the
session and negotiation of cryptographic keys to be used during the session.
IPsec is an end-to-end security scheme operating in the Internet Layer of
the Internet Protocol Suite. It can be used in protecting data flows between a
pair of hosts (host-to-host), between a pair of security gateways
(network-to-network), or between a security gateway and a host (network-to-host).[1]
Some other Internet security systems in widespread use, such as Secure
Sockets Layer (SSL), Transport Layer Security (TLS) and Secure
Shell (SSH), operate in the upper layers of the TCP/IP model. In the past,
the use of TLS/SSL had to be designed into an application to protect the
application protocols. In contrast, since day one, applications did not need to
be specifically designed to use IPsec.
Kerberos (protocol)
Kerberos is a computer network authentication protocol which works on
the basis of "tickets" to allow nodes communicating over a non-secure
network to prove their identity to one another in a secure manner. Its
designers aimed primarily at a client-server model, and it provides mutual
authentication: both the user and the server verify each other's identity.
Kerberos protocol messages are protected against eavesdropping and replay
attacks. Kerberos builds on symmetric key cryptography and requires
a trusted third party, and optionally may use public-key cryptography by
utilizing asymmetric key cryptography during certain phases of
authentication. Kerberos uses port 88 by default.
"Kerberos" also refers to a suite of free software published
by Massachusetts Institute of Technology (MIT) that implements the
Kerberos protocol.
Point-to-point protocol
In networking, the Point-to-Point Protocol (PPP) is a data
link protocol commonly used in establishing a direct connection between
two networking nodes. It can provide connection authentication,
transmission encryption (using ECP, RFC 1968), and compression.
PPP is used over many types of physical networks including serial
cable, phone line, trunk line, cellular telephone, specialized radio links, and
fiber optic links such as SONET. PPP is also used over Internet
access connections (now marketed as "broadband"). Internet service
providers (ISPs) have used PPP for customer dial-up access to the Internet,
since IP packets cannot be transmitted over a modem line on their own,
without some data link protocol. Two encapsulated forms of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over
ATM (PPPoA), are used most commonly by Internet Service Providers
(ISPs) to establish a Digital Subscriber Line (DSL) Internet service
connection with customers.
Wireless Technology
Wireless telecommunications is the transfer of information between two or
more points that are not physically connected. Distances can be short, such
as a few meters for television remote control, or as far as thousands or even
millions of kilometers for deep-space radio communications. It encompasses
various types of fixed, mobile, and portable two-way radios, cellular
telephones, personal digital assistants (PDAs), and wireless networking.
Other examples of wireless technology include GPS units, garage door
openers, wireless computer mice, keyboards and headsets,
headphones, radio receivers, satellite television, broadcast
television and cordless telephones.
Infrared
Infrared (IR) light is electromagnetic radiation with
longer wavelengths than those of visible light, extending from the
nominal red edge of the visible spectrum at 0.74 micrometers (µm) to
300 µm. This range of wavelengths corresponds to a frequency range of
approximately 1 to 400 THz, and includes most of the thermal
radiation emitted by objects near room temperature. Infrared light is emitted
or absorbed by molecules when they change their rotational-vibrational movements.
Much of the energy from the Sun arrives on Earth in the form of infrared
radiation. Sunlight at zenith provides an irradiance of just over
1 kilowatt per square meter at sea level. Of this energy, 527 watts is infrared
radiation, 445 watts is visible light, and 32 watts is ultraviolet radiation. The
balance between absorbed and emitted infrared radiation has a critical effect
on the Earth's climate.
Light Comparison[3]
Name | Wavelength | Frequency (Hz) or photon energy (eV)
Gamma ray | |
X-Ray | 0.01 nm to 10 nm | 30 EHz - 30 PHz
Ultraviolet | 10 nm - 390 nm | 3 eV to 124 eV
Visible | 390 - 750 nm | 1.7 eV - 3.3 eV
Infrared | 750 nm - 1 mm |
Microwave | 1 mm - 1 meter |
Radio | 1 mm - 100,000 km | 300 GHz - 3 Hz
Technology | Bluetooth | IEEE 802.11a | UWB
Frequency | 2.4 GHz | 5 GHz | 3.1~10.6 GHz
Data rate | 1 Mbps | 54 Mbps | 100 Mbps~1 Gbps
Range | 5~10 m | 35~50 m | 10~30 m
Number of channels | 79 | 12 | ..
Bluetooth versions
Bluetooth 1.0 and 1.0B
Versions 1.0 and 1.0B had many problems
Manufacturers had difficulty making their products interoperable
Bluetooth 1.1
Many errors found in the 1.0B specifications were fixed
Added support for non-encrypted channels
Received Signal Strength Indicator (RSSI)
Bluetooth 1.2
Faster Connection and Discovery
Use the Adaptive frequency-hopping spread spectrum (AFH)
Improves resistance to radio frequency interference
Higher transmission speeds in practice, up to 721 kbps
Bluetooth 2.0
This version was specified in November 2004
The main enhancement is the introduction of an enhanced data
rate (EDR) of 3.0 Mbps.
Lower power consumption through a reduced duty cycle.
Simplification of multi-link scenarios due to more available
bandwidth.
Bluetooth 2.1
A draft version of the Bluetooth Core Specification Version 2.1 +
EDR is now available
Technology | Power (mW) | Range (m) | BW/channel | Rate (bps)
CDMA 1xEVDO | 600 | ~2000 | 1.25 MHz | 2.4M
802.16 (WiMAX) | 250 | ~4000 | 25 MHz | 120M
802.11g (WiFi) | 50 | ~100 | 25 MHz | 54M
Bluetooth | | ~10 | 1 MHz | <1M
UWB | <30 | 10~30 | 500 MHz | 100M~1G
Key application: Wireless USB, toys and games, consumer electronics, location tracking, handset
Step 1
Attach the incoming DSL cable to the "Input," "Cable" or "DSL" port on
your DSL modem.
Step 2
Plug one end of an Ethernet cable into the Ethernet port on your DSL
modem and plug the other end of the cable into the "Internet," "WLAN" or
"WAN" port on your wireless router.
Step 3
Plug one end of the Ethernet cable supplied with your wireless router into
one of the output ports on the router. Plug the other end of the cable into the
Ethernet port on your computer.
Step 4
Connect your DSL modem and router to a power source.
Step 5
Open a browser and type the router's IP address, which likely will be either
"http://192.168.0.1" or "http://192.168.1.1." Enter the username, which is
frequently "admin." Enter the password, which may be set to "admin",
"password" or blank as the default. Set up the router according to the
instructions provided with the router. The product documentation will also
provide the IP address and username/password. During setup, the most
important things you should do are change the SSID network name,
configure encryption and change the router password.
Step 6
Disconnect the Ethernet cable from your computer, if you prefer to connect
wirelessly.
Step 7
Click the wireless icon, located by the system clock on your Windows 7 PC.
Click the router name that corresponds to the SSID you entered during
setup. Click "Connect" and enter the password to connect to the router.
Repeat for each computer requiring access.
Driver Compatibility
It is important to make sure that you have installed the correct device driver
for your wireless network adapter. The wrong driver can cause all sorts of problems or
stop your adapter from functioning at all. A friend of mine recently set up his own
wireless network at home but complained to me that his wireless network
connection was going crazy. Upon inspection I realized that he had
configured his router properly but installed the 5v instead of the 3v driver
on his laptop PCMCIA network card. Once the correct driver was installed,
everything began to run smoothly. It just goes to show how even the
smallest detail can make all the difference so make sure you have the correct
driver installed!
In the advanced tab select the Channel Property and change the Value to the
same number as the one you chose on the Access Point. Disable and then
re-enable the wireless connection.
Proxy Server
In computer networks, a proxy server is a server (a computer system or an
application) that acts as an intermediary for requests from clients seeking
resources from other servers. A client connects to the proxy server,
requesting some service, such as a file, connection, web page, or other
resource available from a different server. The proxy server evaluates the
request as a way to simplify and control its complexity. Today, most
proxies are web proxies, facilitating access to content on the World Wide
Web.
Types of proxy
Forward proxies
Open proxies
Reverse proxies
Forward proxies
Forward proxies are proxies where the client names the target server
to connect to. Forward proxies are able to retrieve from a wide range of
sources (in most cases anywhere on the Internet).
The terms "forward proxy" and "forwarding proxy" are a general description
of behavior (forwarding traffic) and thus ambiguous. Except for Reverse
proxy, the types of proxies described in this article are more specialized subtypes of the general forward proxy concept.
Open proxies
An open proxy is a forwarding proxy server that is accessible by any
Internet user. Gordon Lyon estimates there are "hundreds of thousands" of
open proxies on the Internet. An anonymous open proxy allows users to
conceal their IP address while browsing the Web or using other Internet
services. There are varying degrees of anonymity however, as well as a
number of methods of 'tricking' the client into revealing itself regardless of
the proxy being used.
Reverse proxies
A reverse proxy (or surrogate) is a proxy server that appears to clients to be
an ordinary server. Requests are forwarded to one or more origin servers
which handle the request. The response is returned as if it came directly from
the proxy server.
Reverse proxies are installed in the neighborhood of one or more web
servers. All traffic coming from the Internet and with a destination of one of
the neighborhood's web servers goes through the proxy server. The use of
"reverse" originates in its counterpart "forward proxy" since the reverse
proxy sits closer to the web server and serves only a restricted set of
websites.
Virtual LAN
Types Of VLANs
Today there is essentially one way of implementing VLANs - port-based
VLANs. A port-based VLAN is associated with a port called an access
VLAN.
However in the network there are a number of terms for VLANs. Some
terms define the type of network traffic they carry and others define a
specific function a VLAN performs. The following describes common
VLAN terminology:
Data VLAN
Default VLAN
Native VLAN
Management VLAN
Voice VLANs
Utility of VLAN
VLANs are created to provide the segmentation services traditionally
provided by routers in LAN configurations. VLANs address issues such as
scalability, security, and network management. Routers in VLAN topologies
provide broadcast filtering, security, address summarization, and traffic flow
management. By definition, switches may not bridge IP traffic between
VLANs as it would violate the integrity of the VLAN broadcast domain.
This is also useful if someone wants to create multiple layer 3 networks on
the same layer 2 switch. For example, if a DHCP server is plugged into a
switch it will serve any host on that switch that is configured to get its IP
from a DHCP server. By using VLANs you can easily split the network up
so some hosts won't use that DHCP server and will obtain link-local
addresses, or obtain an address from a different DHCP server.
Advantages of VLAN
The main advantages of VLAN are listed below.
Broadcast Control: Broadcasts are required for the normal function of a
network. Many protocols and applications depend on broadcast
communication to function properly. A layer 2 switched network is a
single broadcast domain, so broadcasts can reach distant network
segments where a particular broadcast has no relevance and
consume available network bandwidth. A layer 3 device (typically a router)
is used to segment a broadcast domain.
If we segment a large LAN into smaller VLANs we can reduce
broadcast traffic, as each broadcast will be sent on to the relevant VLAN
only.
Or
Switch#vlan database
Switch(vlan)#vlan <no> [name <word>]
Switch(vlan)#exit
(the name argument is optional)
Trunking
To Display Vlan and port membership
Switch#sh vlan
When there are multiple switches, we have to use trunk links to
connect one switch to another. If we are not using trunk links, we
have to connect one cable from each VLAN to the corresponding VLAN
of the other switch.
Switches perform trunking with the help of frame tagging. The
trunk port sends data frames with VLAN ID information added to
the frame. At the receiving end, the VLAN ID information is removed from
the frame and, according to the tag, the data is delivered to the
corresponding VLAN. There are two protocols to perform frame
tagging:
(1) Inter-Switch Link (Cisco proprietary)
(2) IEEE 802.1Q
Configuring Trunking
On Cisco switches, all switch ports may be configured in three
modes:
(1) Trunk desirable (default)
(2) Trunk on
(3) Trunk off
Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport mode <trunk|access|auto>
Switch(config-if)#exit
on
off
desirable
With the help of VTP, we can simplify the process of creating VLANs.
Across multiple switches, we can configure one switch as the VTP server and
all other switches as VTP clients. We create
VLANs on the VTP server switch. The server sends periodic updates
to the VTP client switches. The clients create VLANs from the updates
received from the VTP server.
VTP server
A VTP server is a switch on which we can create, delete or modify
VLANs. The server sends periodic updates to VTP clients.
VTP client
On a VTP client, we are not able to create, modify or delete VLANs.
The client receives and forwards VTP updates. The client
creates the same VLANs as defined in the VTP update.
Configuration on Router
Router#config ter
Router(config)#interface fastethernet 0/0
Router(config-if)#no ip address
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.1
Router(config-if)#encapsulation dot1q 1
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.2
Router(config-if)#encapsulation dot1q 3
Router(config-if)#ip address 11.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.3
Router(config-if)#encapsulation dot1q 5
Router(config-if)#ip address 12.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
As beneficial as VTP can be, it does have disadvantages that are normally
related to the spanning tree protocol (STP) as a bridging loop propagating
throughout the network can occur. Cisco switches run an instance of STP for
each VLAN, and since VTP propagates VLANs across the campus LAN,
VTP effectively creates more opportunities for a bridging loop to occur.
Before creating VLANs on the switch that will propagate via VTP, a VTP
domain must first be set up. A VTP domain for a network is a set of all
contiguously trunked switches with the same VTP domain name. All
switches in the same management domain share their VLAN information
with each other, and a switch can participate in only one VTP management
domain. Switches in different domains do not share VTP information.
Using VTP, each Catalyst Family Switch advertises the following on its
trunk ports:
Management domain
Configuration revision number
Known VLANs and their specific parameters
Network Storage
A network storage system maintains copies of digital data across high-speed local area network (LAN) connections. It is designed to back up files,
databases and other data to a central location that can be easily accessed via
standard network protocols and tools.
Importance of Network Storage
Storage is an essential aspect of any computer. Hard drives and USB keys,
for example, are designed to hold the data generated by individuals on their
PCs, but when these types of local storage fail, the data is lost. Additionally,
the process of sharing local data with other computers can be time-consuming, and sometimes the amount of local storage available is
insufficient to store everything desired. Network storage addresses these
problems by providing a reliable, external data repository for all computers
on the LAN to share efficiently. Besides freeing up local storage space,
network storage systems also typically support automated backup programs
to prevent critical data loss.
Network-attached storage
Network-attached storage (NAS) is file-level computer data
storage connected to a computer network providing data access
to heterogeneous clients. NAS not only operates as a file server, but is
specialized for this task either by its hardware, software, or configuration of
those elements. NAS is often made as a computer appliance, a specialized
computer built from the ground up for storing and serving files, rather than
simply a general purpose computer being used for the role.
As of 2010 NAS devices are gaining popularity, as a convenient method of
sharing files among multiple computers. Potential benefits of network-attached storage, compared to file servers, include faster data access, easier
administration, and simple configuration.
NAS systems are networked appliances which contain one or more hard
drives, often arranged into logical, redundant storage containers
or RAID arrays. Network-attached storage removes the responsibility of file
serving from other servers on the network. They typically provide access to
files using network file sharing protocols such as NFS, SMB/CIFS, or AFP.
NAS
Scalability: good
Availability: as long as the LAN and NAS device work,
generally good
Performance: limited by speed of LAN, traffic conflicts,
inefficient protocol
Management: OK
Connection: homogeneous vs. heterogeneous
Data is Asset
How to Store Data
How to Access Data
How to Manage Data Storage
Fibre Channel
Benefits of SAN
Operating System
Figure: Abstract view of the components of a computer system (labels: User 1, User 2, User 3, ... User n; Compiler, Assembler, Text editor, Database System; Operating System; Computer Hardware)
Features
Provides basic operating system features; support for processors,
protocols, automatic hardware detection, support multi-processing of
applications
Security features; authentication, authorization, access control
Provides names and directory services
Provides files, print, web services, back-up and replication services
www.trainsignaltraining.com/.../ftp_iis7_10.png
Get: transfer a file from the remote machine to the local machine
Put: transfer from the local machine to the remote machine
Ls or dir: list files in the current directory on the remote machine
Cd: change the current directory on the remote machine
Travels over private leased lines, shared lines like the internet, wireless
connections, or dial-up lines
Intercepting these data could be as harmful as breaking into a computer
Interruption of communications could constitute a remote denial-of-service attack
Diminishing users' use of and trust in the system
Novell NetWare
Is a NOS
Used cooperative multitasking to run several services on a PC
File sharing instead of disk sharing
NDS (Novell Directory Services)
Server administration
Desktop Management
Software distribution
Integrated cache
Enhanced security
Linux
Free OS based on Unix standards
Provides a programming interface and user interface
Core Linux OS kernel is original, but allows much existing free Unix
software to run
Multiuser system, providing protection between processes and running
multiple processes according to a time-sharing (or multitasking)
scheduler
Multiple networking protocols can be accessed simultaneously
through socket interface
Windows XP Installation
Once the boot from CD-ROM has started, it will display at the top of the
screen :
The system will try to connect via the Internet to the Microsoft website; you can select "Skip" for that step.
You will be prompted to enter the first Usernames (which will be defined as Administrators)
ALL SET TO GO
Windows Server 2003 operating systems take the best of Windows 2000
Server technology and make it easier to deploy, manage, and use. The
result: a highly productive infrastructure that helps make your network a
strategic asset for your organization.
Windows Server 2003 SP2 provides enhanced security, increased
reliability, and a simplified administration to help enterprise customers
across all industries.
Linux Installation
Installation Requirements
Realistic installation
Text based
80386 or better
8 MB RAM
GUI based
80486 or Pentium class
16 MB RAM
There are two types available, we will choose KDE for this
presentation
GNOME
www.gnome.org
KDE
www.kde.org
RedHat Installation
Choose the keyboard that best fits your system. If there is no exact match,
choose the best GENERIC match and click Next.
Choose the mouse that best fits your system. If there is no exact match,
choose the best GENERIC match and click Next.
Read over the help text on the left and then click Next.
Again, for ease of installation and use, leave defaults selected and
click Next
Choose your time zone by clicking on the map, ex. Pacific Tijuana,
and click Next
Continue with the option detected for your system and click Next
Choose the monitor that best fits your system - If none exist, choose
the best GENERIC monitor and click Next
Continue with the video hardware detected for you unless you know it
is incorrect (change it) and click Next
Be sure to read the Caution Note!
At this point, you can sit back and relax while RedHat is installed.
Depending on the speed of your system, the installation will take
from about 15 minutes to 1 hour.
Insert a blank, formatted disk into the floppy drive and click Next
Congratulations!!!
You can now click Exit to reboot your system and start to use
Linux
Purpose of Naming
Naming History
1970s ARPANET
Host.Txt maintained by the SRI-NIC
Pulled from a single machine
Problems
Traffic and load
Name collisions
Consistency
DNS created in 1983 by Paul Mockapetris (RFCs 1034 and 1035),
modified, updated, and enhanced by a myriad of subsequent RFCs
DNS
Figure: ARP and RARP translate between an IP address (32 bit) and an Ethernet MAC address (48 bit)
BOOTP
Bootstrap Protocol (BOOTP)
From 1985
Host can configure its IP parameters at boot time
3 services:
IP address assignment
Detection of the IP address for a serving machine
The name of a file to be loaded and executed by the client machine
(boot file name)
Not only assign IP address, but also default router, network mask, etc.
Sent as UDP messages (UDP Port 67 (server) and 68 (host))
Use limited broadcast address (255.255.255.255):
These addresses are never forwarded
DHCP
Dynamic Host Configuration Protocol (DHCP)
From 1993
An extension of BOOTP, very similar to BOOTP
Same port numbers as BOOTP
Extensions:
Supports temporary allocation (leases) of IP addresses
DHCP client can acquire all IP configuration parameters needed to
operate
DHCP is the preferred mechanism for dynamic assignment of IP
addresses
DHCP can interoperate with BOOTP clients
BOOTP Interaction
Figure (panels a, b, c), labels: Argon, 128.143.137.144, 00:a0:24:71:e4:44; DHCP Server; TFTP "filename"; 128.143.137.100; DHCP Request from 00:a0:24:71:e4:44 sent to 255.255.255.255
Value
Message Type
DHCPDISCOVER
DHCPOFFER
DHCPREQUEST
DHCPDECLINE
DHCPACK
DHCPNAK
DHCPRELEASE
DHCPINFORM
Message Types
DHCP Operation
DHCP DISCOVER
DHCP OFFER
DHCP DISCOVER
At this time, the DHCP client can start to use the IP address.
Renewing a lease (sent when 50% of lease has expired).
If the DHCP server sends DHCPNAK, then the address is released.
DHCP RELEASE
At this time, the DHCP client has released the IP address.
The client should wait a minimum of ten seconds before restarting the
configuration process to avoid excessive network traffic in case of looping.
On receipt of a DHCPDECLINE, the server must mark the offered address
as unavailable (and possibly inform the system administrator that there is a
configuration problem).
If the client receives a DHCPNAK message, the client restarts the
configuration process.
The client may choose to relinquish its lease on a network address by
sending a DHCPRELEASE message to the server.
The client identifies the lease to be released by including its network
address and its hardware address.
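To make the message types and the lease mechanics concrete, here is an added Python example (not from the original slides) that parses a DHCP message, reads its message type from option 53 and derives the renewal time at 50% of the lease. The sample packet is constructed: it reuses the MAC and IP addresses shown on the BOOTP interaction slide, while their roles, the transaction id and the 86400-second lease are assumptions; the option 53 values are those of RFC 2132.

```python
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"   # fixed BOOTP header
BOOTP_LEN = struct.calcsize(BOOTP_FMT)      # 236 bytes
MAGIC_COOKIE = b"\x63\x82\x53\x63"          # marks the start of the DHCP options
OPT_LEASE_TIME, OPT_MSG_TYPE, OPT_SERVER_ID = 51, 53, 54

# Option 53 values as defined in RFC 2132.
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST",
                 4: "DHCPDECLINE", 5: "DHCPACK", 6: "DHCPNAK",
                 7: "DHCPRELEASE", 8: "DHCPINFORM"}


def parse_options(data: bytes) -> dict:
    """Walk the code/length/value option list; reject options that overrun."""
    options, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == 255:          # end option
            break
        if code == 0:            # pad option is a single byte
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError(f"option {code} has no length byte")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        options[code] = value
        i += 2 + length
    return options


def parse_dhcp(packet: bytes) -> dict:
    """Return the fields a defender usually wants from one DHCP message."""
    if len(packet) < BOOTP_LEN + len(MAGIC_COOKIE):
        raise ValueError("packet too short for BOOTP header and magic cookie")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr,
     chaddr, sname, bootfile) = struct.unpack(BOOTP_FMT, packet[:BOOTP_LEN])
    if packet[BOOTP_LEN:BOOTP_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("no DHCP magic cookie (plain BOOTP or not DHCP)")
    options = parse_options(packet[BOOTP_LEN + 4:])
    raw_type = options.get(OPT_MSG_TYPE)
    if raw_type is None or len(raw_type) != 1:
        raise ValueError("missing or malformed message type option")
    result = {
        "type": MESSAGE_TYPES.get(raw_type[0], f"UNKNOWN({raw_type[0]})"),
        "xid": xid,
        "client_mac": ":".join(f"{b:02x}" for b in chaddr[:min(hlen, 16)]),
        "your_ip": socket.inet_ntoa(yiaddr),
        "broadcast_flag": bool(flags & 0x8000),
        "server_id": None, "lease_seconds": None, "renew_after": None,
    }
    if len(options.get(OPT_SERVER_ID, b"")) == 4:
        result["server_id"] = socket.inet_ntoa(options[OPT_SERVER_ID])
    if len(options.get(OPT_LEASE_TIME, b"")) == 4:
        (lease,) = struct.unpack("!I", options[OPT_LEASE_TIME])
        result["lease_seconds"] = lease
        result["renew_after"] = lease // 2   # renewal is sent at 50% of the lease
    return result


def build_sample_ack() -> bytes:
    """Constructed DHCPACK; address roles, xid and lease time are assumed."""
    header = struct.pack(
        BOOTP_FMT, 2, 1, 6, 0, 0x3903F326, 0, 0,
        socket.inet_aton("0.0.0.0"), socket.inet_aton("128.143.137.144"),
        socket.inet_aton("128.143.137.100"), socket.inet_aton("0.0.0.0"),
        bytes.fromhex("00a02471e444"), b"", b"")
    options = (bytes([OPT_MSG_TYPE, 1, 5])
               + bytes([OPT_LEASE_TIME, 4]) + struct.pack("!I", 86400)
               + bytes([OPT_SERVER_ID, 4]) + socket.inet_aton("128.143.137.100")
               + b"\xff")
    return header + MAGIC_COOKIE + options


if __name__ == "__main__":
    print(parse_dhcp(build_sample_ack()))
```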
DHCP Pros
DHCP Cons
Uses UDP, an unreliable and insecure protocol
DNS cannot be used for DHCP configured hosts
Operation
A message transfer agent receives mail from either another MTA, a mail
submission agent (MSA), or a mail user agent (MUA). The transmission
details are specified by the Simple Mail Transfer Protocol (SMTP). When a
recipient mailbox of a message is not hosted locally, the message is relayed,
that is, forwarded to another MTA. Every time an MTA receives an email
message, it adds a Received trace header field to the top of the header of the
message,[4] thereby building a sequential record of MTAs handling the
message. The process of choosing a target MTA for the next hop is also
described in SMTP, but can usually be overridden by configuring the MTA
software with specific routes.
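The Received trace described above can be read back to reconstruct the path a message took. The following added Python example (not part of the original slides) lists the hops in the order they happened and flags places where one MTA's hand-off does not match the next hop's record; the sample message, host names and function names are constructed.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed message: three MTAs handled it, so it carries three Received
# fields, the newest at the top because each MTA prepends its own.
SAMPLE = """\
Return-Path: <alice@example.org>
Received: from mx.example.net (mx.example.net [203.0.113.7])
 by mail.example.com with ESMTP id C3;
 Mon, 01 Jan 2024 10:00:05 +0000
Received: from msa.example.org (msa.example.org [198.51.100.5])
 by mx.example.net with ESMTPS id B2;
 Mon, 01 Jan 2024 10:00:03 +0000
Received: from laptop.example.org (laptop.example.org [192.0.2.10])
 by msa.example.org with ESMTPSA id A1;
 Mon, 01 Jan 2024 10:00:01 +0000
From: Alice <alice@example.org>
To: Bob <bob@example.com>
Subject: constructed sample

Hello Bob.
"""

FROM_RE = re.compile(r"\bfrom\s+(\S+)", re.IGNORECASE)
BY_RE = re.compile(r"\bby\s+(\S+)", re.IGNORECASE)


def parse_received(value: str) -> dict:
    """Split one Received field into sender, receiver and timestamp."""
    flat = " ".join(value.split())            # undo header folding
    info, sep, stamp = flat.rpartition(";")   # the date follows the last ';'
    if not sep:
        info, stamp = flat, ""
    try:
        when = parsedate_to_datetime(stamp.strip())
    except (TypeError, ValueError):
        when = None                           # missing or unparseable date
    sender, receiver = FROM_RE.search(info), BY_RE.search(info)
    return {"from": sender.group(1) if sender else None,
            "by": receiver.group(1) if receiver else None,
            "time": when}


def trace_hops(raw_message: str) -> list:
    """Return the hops oldest first (the header stores them newest first)."""
    fields = message_from_string(raw_message).get_all("Received") or []
    return [parse_received(value) for value in reversed(fields)]


def chain_problems(hops: list) -> list:
    """Flag hops whose sender differs from the previous receiver, or whose
    timestamp is earlier than the previous hop's."""
    problems = []
    for i in range(1, len(hops)):
        prev, cur = hops[i - 1], hops[i]
        if prev["by"] and cur["from"] and prev["by"].lower() != cur["from"].lower():
            problems.append((i, "handoff mismatch"))
        if prev["time"] and cur["time"] and cur["time"] < prev["time"]:
            problems.append((i, "timestamp goes backwards"))
    return problems


if __name__ == "__main__":
    for number, hop in enumerate(trace_hops(SAMPLE), start=1):
        print(number, hop["from"], "->", hop["by"], hop["time"])
    print(chain_problems(trace_hops(SAMPLE)))
```

Only the Received fields added by MTAs you operate can be trusted; everything below them was supplied by the sending side.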
An MTA works in the background, while the user usually interacts directly
with a mail user agent. One may distinguish initial submission as first
passing through an MSA: port 587 is used for communication between an
MUA and an MSA, while port 25 is used for communication between
MTAs, or from an MSA to an MTA. This distinction is first made in RFC
2476.
For recipients hosted locally, the final delivery of email to a recipient
mailbox is the task of a message delivery agent (MDA). For this purpose
the MTA transfers the message to the message handling service component
of the message delivery agent. Upon final delivery, the Return-Path field is
added to the envelope to record the return path.
Backup
In information technology, a backup or the process of backing up is
making copies of data which may be used to restore the original after a data
loss event. The verb form is back up in two words, whereas the noun
is backup.
Backups have two distinct purposes. The primary purpose is to recover data
after its loss, be it by data deletion or corruption. Data loss can be a common
experience of computer users. A 2008 survey found that 66% of respondents
had lost files on their home PC. The secondary purpose of backups is to
recover data from an earlier time, according to a user-defined data
retention policy, typically configured within a backup application for how
long copies of data are required. Though backups popularly represent a
simple form of disaster recovery, and should be part of a disaster recovery
plan, by themselves, backups should not alone be considered disaster
recovery.
Since a backup system contains at least one copy of all data worth saving,
the data storage requirements are considerable. Organizing this storage
space and managing the backup process is a complicated undertaking. A
data repository model can be used to provide structure to the storage. In
the modern era of computing there are many different types of data storage
devices that are useful for making backups. There are also many different
ways in which these devices can be arranged to provide geographic
redundancy, data security, and portability.
Types of Backup
There are five types of backup:
Normal
Copy
Incremental
Differential
Daily Backup
Select the check box next to any drive, folder, or file that you want to
restore. If the media set you want to work with isn't shown, click Import
File, and then type the path to the catalog for the backup.
To restore system state data, select the check box for System State as well as
other data you want to restore. If you're restoring to the original location, the
current system state will be replaced by the system state data you're
restoring. If you restore to an alternate location, only the registry, Sysvol,
and system boot files are restored. You can only restore system state data on
a local system.
Tip: By default, Active Directory and other replicated data, such as Sysvol,
aren't restored on domain controllers. This information is instead replicated
to the domain controller after you restart it, which prevents accidental
overwriting of essential domain information. To learn how to restore Active
Directory, see the "Restoring Active Directory" section of this chapter.
Click Next. Click Advanced if you want to override default options, and
then follow steps 5-7. Otherwise, skip to step 8.
Select the restore location using one of the following options:
Original Location: Restores data to the folder or files it was in when it was
backed up.
Alternate Location: Restores data to a folder that you designate, preserving
the directory structure. After selecting this option, enter the folder path to
use or click Browse to select the folder path.
Single Folder: Restores all files to a single folder without preserving the
directory structure. After selecting this option, enter the folder path to use or
click Browse to select the folder path.
Do Not Replace The Files On My Computer (Recommended): Select this
option if you don't want to copy over existing files.
Replace The File On Disk Only If the File On Disk Is Older: Select this
option to replace older files on disk with newer files from the backup.
Always Replace The File On My Computer: Select this option to replace
all the files on disk with files from the backup.
If they're available, you can choose to restore security and system files using
the following options:
Restore Security: Restores security settings for files and folders on
NTFS volumes.
Restore Removable Storage Database: Restores the Removable
Storage configuration if you archived %SystemRoot%\System32\Ntmsdata.
Choosing this option will delete existing Removable Storage
information.
Restore Junction Points, Not The Folder And File Data They
Reference: Restores network drive mappings but doesn't restore the
actual data to the mapped network drive. Essentially, you're restoring
the folder that references the network drive.
Click Next, and then click Finish. If prompted, type the path and name of
the backup set to use. You can cancel the backup by clicking Cancel in the
Operation Status and Restore Progress dialog boxes.
When the restore is completed, click Close to complete the process or click
Report to view a backup log containing information about the restore
operation.
An access control list (ACL), with respect to a computer file system, is a list
of permissions attached to an object. An ACL specifies which users or
system processes are granted access to objects, as well as what operations
are allowed on given objects. Each entry in a typical ACL specifies a subject
and an operation. For instance, if a file has an ACL that contains (Alice,
delete), this would give Alice permission to delete the file.
ACLs are the basic security feature required in any network to control
the flow of traffic. Most of the time our network has servers and clients
for which traffic control is required.
We can also use ACLs to classify traffic. ACLs are used in features like
QoS (Quality of Service), traffic prioritization, and defining interesting
traffic for ISDN.
[Flowchart: inbound ACL processing]
1. Is there any access-list applied on the interface in the inbound direction?
   No: the packet is passed to the routing engine (RE).
   Yes: go to step 2.
2. Is there any matching rule in the ACL, checked in top-down order?
   No: the packet is dropped.
   Yes: go to step 3.
3. Is it permit?
   Yes: the packet is passed to the RE.
   No: the packet is dropped.
Single pc    host 192.168.10.5  /  192.168.10.5  /  192.168.10.5 0.0.0.0
N/w          200.100.100.0 0.0.0.255
Subnet       200.100.100.32 0.0.0.15
All          any
[Figure: network diagram; labels 172.16.0.1 and 172.16.x.x]
Router#conf ter
Router(config)#access-list 30 deny 172.16.0.16
Router(config)#access-list 30 deny 172.16.0.17
Router(config)#access-list 30 deny 172.16.0.18
Router(config)#access-list 30 permit any
Router(config)#exit
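The top-down, first-match evaluation and the wildcard-mask address forms from the slides above, run against access-list 30, as an added Python example (not part of the original slides; it models the matching logic and is not router code). The function names and the variant without the final permit any are constructed for illustration.

```python
import ipaddress

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_source(tokens):
    """Return (address, wildcard) as ints for the source forms on the slide."""
    if tokens[0] == "any":
        return 0, 0xFFFFFFFF            # every bit is "don't care"
    if tokens[0] == "host":
        return to_int(tokens[1]), 0     # host A.B.C.D == A.B.C.D 0.0.0.0
    wildcard = to_int(tokens[1]) if len(tokens) > 1 else 0  # bare address = one host
    return to_int(tokens[0]), wildcard

def parse_acl(text):
    """Parse 'access-list <no> <permit|deny> <source>' lines into ordered rules."""
    rules = []
    for line in text.strip().splitlines():
        parts = line.split()
        action, source = parts[2], parts[3:]
        rules.append((action, *parse_source(source)))
    return rules

def matches(packet_src, addr, wildcard):
    # Wildcard bit 0 = must match, bit 1 = ignore. Compare only the 0 bits.
    care = ~wildcard & 0xFFFFFFFF
    return (to_int(packet_src) & care) == (addr & care)

def evaluate(rules, packet_src):
    """Top-down, first match wins; no match at all means the packet is dropped."""
    for n, (action, addr, wildcard) in enumerate(rules, start=1):
        if matches(packet_src, addr, wildcard):
            return action, n
    return "deny", None                 # implicit deny at the end of every ACL

ACL_30 = parse_acl("""
access-list 30 deny 172.16.0.16
access-list 30 deny 172.16.0.17
access-list 30 deny 172.16.0.18
access-list 30 permit any
""")

# Constructed variant: the same list with the final "permit any" left out.
ACL_30_NO_PERMIT = ACL_30[:-1]

if __name__ == "__main__":
    for src in ("172.16.0.17", "172.16.0.19", "10.1.1.1"):
        print(src, evaluate(ACL_30, src), evaluate(ACL_30_NO_PERMIT, src))
```

Without the last line of the list, every source other than the three denied hosts is also dropped, which is why the permit any entry is there.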
Router#conf ter
Router(config)#access-list <no> <deny|permit> <protocol> <source> [<s.port>] <destination> [<d.port>]
Router(config)#exit
<no>                 -> 100 to 199
<protocol>           -> IP | TCP | UDP | ICMP | IGRP
<s.port>, <d.port>   -> no (1 to 65535) or telnet/www/ftp etc.
Single pc    192.168.10.4 0.0.0.0  /  host 192.168.10.4
N/w          200.100.100.0 0.0.0.255
Subnet       172.30.0.32 0.0.0.7
All          any
To display ACL
Router#show access-lists or
Router#show access-list <no>
To display ACL applied on interface
Router#show ip interface
Router#show ip interface <type> <no>
Router#show ip interface Ethernet 0
Switch#conf ter
Switch(config)#mac access-list extended abc
Switch(config-ext-mac)#deny any host 000d.29bd.4b85
Switch(config-ext-mac)#permit any any
Switch(config-ext-mac)#do show access-list
Switch(config-ext-mac)#int f0/6
Switch(config-if)#mac access-group abc in
Reflexive ACLs
These ACLs filter IP packets depending upon upper-layer session
information, and they often permit outbound traffic to pass but place
limitations on inbound traffic. You cannot define reflexive ACLs with
numbered or standard IP ACLs, or with any other protocol ACLs. They can be
used along with other standard or static extended ACLs, but they are only
defined with extended named IP ACLs.
Time-Based ACLs
With time-based ACLs you can specify a certain time of day and week and
then identify that particular period by giving it a name referenced by a
task. The referencing function will then fall under whatever time
constraints you have dictated. The time period is based upon the router's
clock, but it is highly recommended to use it in conjunction with
Network Time Protocol (NTP) synchronization.
Router#conf ter
Router(config)#time-range no-http
Router(config-time-range)#periodic <Wednesday|weekdays|weekend> 06:00 to 12:00
Router(config-time-range)#exit
Router(config)#time-range tcp-yes
Router(config-time-range)#periodic weekend 06:00 to 12:00
Router(config-time-range)#exit
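Why the NTP recommendation matters for the time ranges defined above, as an added Python example (not part of the original slides): the window is checked against what the router believes the time is, so a clock offset shifts when the range is active. The function names, the choice of weekdays for no-http, and the sample dates are assumptions made for illustration.

```python
from datetime import datetime, timedelta

DAY_SETS = {
    "weekdays": {0, 1, 2, 3, 4},   # Monday..Friday (datetime.weekday() numbering)
    "weekend": {5, 6},             # Saturday, Sunday
    "wednesday": {2},
}

def parse_periodic(line):
    """Parse 'periodic <days> HH:MM to HH:MM' into (day set, start minute, end minute)."""
    _, days, start, _, end = line.split()

    def to_min(hhmm):
        hours, minutes = hhmm.split(":")
        return int(hours) * 60 + int(minutes)

    return DAY_SETS[days.lower()], to_min(start), to_min(end)

def in_range(periodic, router_clock):
    """True if the router's own clock reading falls inside the periodic window."""
    days, start, end = periodic
    minute = router_clock.hour * 60 + router_clock.minute
    # Minute resolution; counting the end minute as inside is a simplification here.
    return router_clock.weekday() in days and start <= minute <= end

def range_active(periodic, true_time, clock_offset=timedelta(0)):
    """Evaluate against what the router believes the time is (true time + offset)."""
    return in_range(periodic, true_time + clock_offset)

TCP_YES = parse_periodic("periodic weekend 06:00 to 12:00")
NO_HTTP = parse_periodic("periodic weekdays 06:00 to 12:00")  # one of the slide's options

if __name__ == "__main__":
    saturday_9am = datetime(2024, 1, 6, 9, 0)      # constructed sample: a Saturday
    friday_late = datetime(2024, 1, 5, 23, 30)     # constructed sample: a Friday
    print(range_active(TCP_YES, saturday_9am))                       # synced clock
    print(range_active(TCP_YES, saturday_9am, timedelta(hours=-5)))  # clock 5 h slow
    print(range_active(TCP_YES, friday_late, timedelta(hours=8)))    # clock 8 h fast
```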