Network Book New - 1
Part 1
Introduction to Networking
Classifying Network by Geographical Area
Classifying Network by Network Topology
Classifying Network by Network Model
Network Terms
CSMA/CD
Types of Switching
Differences between Bandwidth and Speed
Network Standardization & Organizations
History of Computer Network & Internet Growths
About IP Address
Regional Internet Registries (RIRs)
IPv4 Addressing
OSI 7 Layers
Protocols & TCP/IP Utilities
Link Layer Protocols
Ethernet Frame Format
Network Layer Protocols
IPv4 Packet Format
IPv6 Packet Format
ICMP Message Format
Transport Layer Protocols
TCP & UDP Header Format
Application Layer Protocols
IPv6 Addressing
VPN (Virtual Private Network)
Network Security
Cloud Computing …
Network Devices
Network Interface Cards
Network Cables and Connectors …
Network Interface Management
Optical Spectrum and Fiber Optic Cable
WAN
❖ Networking
○ Device Information (Data) Devices Shared
Devices Communication Devices
Networking
❖ Networking Advantages
○ Sharing Data
○ Sharing Software
○ Sharing Hardware
❖ Networking Disadvantages
○ Data Unsecure
○ Unauthorized Access
○ Maintenance Problems
Network Nodes
(Server , Client (PCs) , Phones , etc..)
Network Protocols
(IP , TCP , HTTP , FTP , etc..)
❖ Network Categories
○ Network Environment Network
○ Network (4)
1. LAN
2. WAN
3. MAN
4. CAN
5. PAN
6. SAN
LAN
○ Local Area Network
○ (OR) Apartment Network OR
Networks Interconnect Internetwork LAN Routers
○ Networks LAN
○ LAN High Speed Network
○ Ethernet LAN Network
○ SOHO (Small Office / Home Office) LAN
○ Internet WAN
○ Internet Sites Network WAN
○ WAN Sites
○ WAN Speed LAN Speed
WAN Technologies
Baseband and Broadband
Packet Switching and Circuit Switching
POTS and ISDN Network
Synchronous Channel and Asynchronous Channel
MAN Technologies
Metro Ethernet
FDDI
ATM
SAN
○ Storage Area Network
○ Storage Devices Very High Speed Data Network
○ SAN LAN or MAN or WAN Network Segment LAN / MAN / WAN Data
Stored Network Location
Bus Components
○ Bus Network Coaxial Cable Create
○ Central Shared Cable (Bus Cable) Coaxial Cable
○ Bus Network Nodes Transceiver Transceiver Bus Network
Card
○ Transceiver Computer Digital Signals Bus Network Signals
Barrel Connector
Signal Bounce
○ Signal Bounce Data Network Loop
Data Package Computer Data Package Signals 2
Bounce Bus (Trunk) Signal 2 Data Lost
Computers Retransmit
○ Signals Bounce Problem Bus Network Loop Signal Bounce Terminators
( )
○ Bus Network Terminators Bus (Trunk)
Terminator Segment Computers
Communicate
○ Terminators Resistance Terminators
Bus Network Terminators 50 Ohms
BNC Connectors
○ Bayonet Neill-Concelman
○ Coaxial Cable
▪ Thinnet (10Base2)
▪ Thicknet (10Base5)
▪ Cables
▪ Lower Costs to Establish
○ MAU RO MAU RI
Full Mesh
○ Network Nodes Network Nodes One Connection
Connected
Full Mesh
○ Full mesh topologies are also used in highly available, highly fault-tolerant WAN sites.
Partial Mesh
○ Client Computer
▪ Hardware Computers Desktop PCs (Cloned / Branded /
Workstation / All In One) Computers Laptop Computers
▪ Software PC Operating Systems Windows XP , Vista , 7 , 8 , 8.1 , 10
Server
○ Computer
▪ Computers Management
▪ Computers Resources / Services
▪ Computers Authentications Authorizations
○ Server Computer
▪ Hardware High Performance Computers Server Hardware
▪ Software NOS Operating Systems (Network Operating System)
Windows 2000 Server
Windows Server 2003
Windows Server 2003 R2
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Backbone
Node/Host
❖ Internet
○ A journey of a thousand sites.
○ Early: Sneaker net; 1960s: ARPANET is created; 1980s: Internet
○ Internet ARPANET (Advanced Research Projects Agency Network) Developed
❖ Extranet
○ Extranet Intranet Network Extranet
○ LANs Extranet
○ MAN Extranet
○ Extranet Company Company Branch Sites
Interconnect Network
❖ Ethernet
○ Ethernet Ethernet Twisted Pair (UTP) Cables RJ45
Network
○ Ethernet Coaxial Cables Coaxial Cables
Networks Ethernet
○ Ethernet Mediums Cable Types
○ IEEE 802.3 Standards Networks Ethernet LAN Ethernet
Latency
• Delay between source and destination.
• Delay occurs because of
▪ Distance
▪ Routing
▪ Interference / Noise
Jitter
• Variation in latency during a transmission
• Jitter impacts real-time applications like voice calling and video streaming
Bottleneck
• Bandwidth becomes constrained somewhere in the network, e.g. the ISP link.
• Ethernet permits only a single frame to be on a network segment at any one time.
• So, before a device in this network transmits, it listens to the wire to see if there is
currently any traffic being transmitted.
• If no traffic is detected, the networked device transmits its data. However, what if two
devices simultaneously had data to transmit?
• If they both listen to the wire at the same time, they could simultaneously, and
erroneously, conclude that it is safe to send their data.
• However, when both devices simultaneously send their data, a collision occurs.
• A collision causes data corruption.
• Ethernet was designed with a mechanism to detect collisions and allow the devices
whose transmissions collided to retransmit their data at different times.
• Specifically, after the devices notice that a collision occurred, they independently set
a random backoff timer.
• Each device waits for this random amount of time to elapse before again attempting
to transmit.
Carrier sense: A device attached to an Ethernet network can listen to the wire, prior to
transmitting, to make sure that a frame is not currently being
transmitted on the network segment.
Multiple access: Unlike a deterministic method of network access (for example, the
method used by Token Ring), all Ethernet devices simultaneously
have access to an Ethernet segment.
Collision detect: If a collision occurs (perhaps because two devices were simultaneously
listening to the network and simultaneously concluded that it was safe
to transmit), Ethernet devices can detect that collision and set random
backoff timers. After each device’s random timer expires, each device
again attempts to transmit its data.
Even with Ethernet’s CSMA/CD feature, Ethernet segments still suffer from scalability
limitations.
Broadcast Domain
• A standard switch is known as a layer 2 switch and is commonly found in nearly any
LAN
• Layer 3 or layer 4 switches require advanced technology and are more expensive, and
thus are usually only found in larger LANs or in special network environments.
Types of CAM
• There are two types of CAM (Hardware Architecture)
1. Binary CAM
(Used in L2 Switches, Two States 0 or 1)
2. Ternary CAM
(Used in L3 Switches and Routers, Three States: 0, 1, or "don't care")
Layer 4 Switching
• Layer 4 switching means hardware-based layer 3 switching technology that can also
consider the type of network traffic (for example, distinguish between HTTP, FTP or
VoIP).
• Layer 4 switching provides additional datagram inspection by reading the port numbers
found in the Transport layer header to make routing decisions (i.e. ports used by UDP
or TCP).
• The largest benefit of layer 4 switching is that the network administrator can configure
a layer 4 switch to prioritize data traffic by application, which means a QoS can be
defined for each user.
○ Fragment Free Switching Cut Through Switching Store and Forward Switching
Methods Switching Method
○ Fragment Free Switching Frame Collision
Frame Forward
○ Fragment Free Switching Frame Receive Frame
64 Bytes Receive Frame Network Collision
Forward
○ Fragment Free Switching Entire Frame Frame
Forward FCS Frame Error
Collision
○ Entire Frame Delay
Collision Frames Destination
• A link in a network is determined by two factors, bandwidth and speed. These are
usually the same but not always.
• Definition: Speed is bit rate of the circuit while bandwidth is the amount of “speed”
available for use.
• As an example, a 500 Megabit Ethernet MPLS service which uses a 1 Gigabit Ethernet
connection to site would have a bandwidth of 500Mbps and a speed of 1 Gbps.
1. De facto Standards
▪ De facto standards Based Standard All vendors
De facto standards Vendors Network
2. Proprietary Standards
▪ Proprietary standards Vendor Create
Standard Vendor
▪ Vendor
▪ EG. (Cisco , Unix , IBM , etc..)
3. Open Standards
▪ Open standards Vendor Create
Creation Vendors Upgrade
▪ Vendors Create
▪ EG. (USB , Wireless , Linux , etc..)
Inactive Groups
▪ 802.2 Logical Link Control Working Group
▪ 802.5 Token Ring Working Group
Disbanded Groups
▪ 802.4 Token Bus Working Group
▪ 802.6 Metropolitan Area Network Working Group
▪ 802.7 Broadband TAG
▪ 802.8 Fiber Optic TAG
▪ 802.9 Integrated Services LAN Working Group
▪ 802.10 Security Working Group
▪ 802.12 Demand Priority Working Group
▪ 802.14 Cable Modem Working Group
▪ QOS/FC Executive Committee Study Group
○ 1988 US Government
○ Playa Vista , California , US
○ Non-profit Organization
○ IANA Internet
▪ Global IP Address (IPv4 and IPv6 Addresses) Allocation
▪ Autonomous System (AS) Number Allocation
▪ Domain Name System Management (DNS) Root Zone Management
▪ MIME Type / Content Type (Media Types) Management
(Multipurpose Internet Mail Extensions)
▪ Internet Protocol Symbols and (Port) Numbers Management
▪ Time Zone Management
Internet-Drafts
○ Internet-Drafts IETF Deploy Information Data
Documents
○ IP Address types 2
▪ IPv4 (Internet Protocol Version 4)
▪ IPv6 (Internet Protocol Version 6)
Address Space
○ IPv4 32 bits IPv4 Addresses Limits 2^32 IP Addresses
4,294,967,296 (Nearly 4.3 Billions) (10^9)
(4.3 Billions Addresses Block Private Network Addresses (18 Millions)
Multicast Addresses (270 Millions) Reserved )
Standardization
○ 1981 IPv4 IETF publication RFC 791 Standardized
○ 1995 128-bits IPv6 IETF publication RFC 2460 Standardized
Transmission Guarantee
○ IPv4 (Internet Protocol Version 4) Protocol IPv6 (Internet Protocol Version 6) Protocol
Connection Less Protocol Data Guarantee IP Addresses Data
Guarantee Upper Layer Protocol TCP Protocol
IPv4 Block                  IPv6 Block
41.0.0.0/8                  2C00::/12
102.0.0.0/8                 2001:4200::/23
105.0.0.0/8
154.0.0.0/8
165.255.0.0/16
196.0.0.0/8
197.0.0.0/8
ARIN
IPv4 Block                  IPv4 Block
96.0.0.0/8 to 100.0.0.0/8   205.0.0.0/8
104.0.0.0/8                 206.0.0.0/8
107.0.0.0/8                 207.0.0.0/8
108.0.0.0/8                 208.0.0.0/8
135.0.0.0/8                 209.0.0.0/8
136.0.0.0/8                 216.0.0.0/8
142.0.0.0/8
147.0.0.0/8
162.0.0.0/8
166.0.0.0/8
172.0.0.0/8
IPv4 Block                  IPv6 Block
177.0.0.0/8                 2001:1200::/23
179.0.0.0/8                 2800:0000::/12
181.0.0.0/8
186.0.0.0/8
187.0.0.0/8
189.0.0.0/8
190.0.0.0/8
191.0.0.0/8
200.0.0.0/8
201.0.0.0/8
○ ( 172.16.30.56 ) IP Address
172 . 16 . 30 . 56
(Octet) . (Octet) . (Octet) . (Octet)
172 . 16 . 30 . 56
1. Public IP Address
to
0111 1111. 1111 1111 . 1111 1111 . 1111 1111
(126) . (255) . (255) . (255)
to
1011 1111. 1111 1111 . 1111 1111 . 1111 1111
(191) . (255) . (255) . (255)
to
1101 1111. 1111 1111 . 1111 1111 . 1111 1111
(223) . (255) . (255) . (255)
Class E
○ Class E Network 240 to 255 Range
○ Research and Futures
10.0.0.1
255.0.0.0 ( IP Address Class A Subnet Mask )
192.168.1.1
255.255.255.0 ( IP Address Class C Subnet Mask )
1111 0111 . 1100 1000 . 1011 1100 . 0000 1111 (IP Address Binary)
1111 1111 . 1100 0000 . 0000 0000 . 0000 0000 (Subnet Mask Binary)
1 1 1 1 1 1 1 1
2^7 2^6 2^5 2^4 2^3 2^2 2^1 2^0
128x1 64x0 32x1 16x1 8x1 4x0 2x1 1x1
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255
0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 . 0 0 0 0 …. 0
/1 /2 /3 /4 /5 /6 /7 /8 . /9 /10 /11 /12 /13 /14 /15 /16 /17 /18 /19 /20 . /32
Network Address 0 64
Example
OR
All 0 (0.0.0.0)
In DHCP Environment
○ Client Dynamic IP Address DHCP Server IP Address
DHCP Server Client IP Address
(Client DHCP Server DHCP Discovery Message )
In Server Environment
○ Server Environment (0.0.0.0) IP Address Traffic
Server Every Interfaces Traffic
○ Server Multiple Interfaces Server Interfaces
Traffics (0.0.0.0) IP Address
Loopback Address
○ (127.0.0.1) (127.0.0.1/8)
○ Loopback Address Traffics
Address
○ Operating Systems Applications Testing
Networking Network Card Troubleshooting
○
1. Static IP Assign Network DHCP Server
Dynamic IP (OR)
Disabling APIPA
○ APIPA Address Microsoft Windows Default Enabled
Disabled Windows Registry Value Key Value 0
3 Addresses → 2^2 = 4
Subnet Mask = 1111 1111 . 1111 1111 . 1111 1111 . 1111 1100
Subnet Mask = 255.255.255.252
10.0.1.0 = 00001010.00000000.00000001.00000000
10.0.0.0 = 00001010.00000000.00000000.00000000
Wildcard =00000000.00000000.00000001.11111111
ARPANet Expanding
○ (1969), Initial state of ARPANet consisted of four nodes.
SDS Sigma 7 --> University of California, Los Angeles (UCLA)
SDS 940 --> Augmentation Research Center at Stanford Research Institute
IBM 360/75 --> University of California, Santa Barbara (UCSB)
DEC PDP-10 --> University of Utah's Computer Science Department
○ 1970, the ARPANet reached the East Coast of the United States, Cambridge,
Massachusetts was connected to the network.
○ Later, many other computers and networks connected to ARPANet, and in 1981 the
number was 213 host computers.
○ In 1973 a transatlantic satellite link connected the Norwegian Seismic Array
(NORSAR) to the ARPANet, making Norway the first country outside the US to be
connected to the network.
IP and NCP
○ ARPA used the Internet Protocol (IP) as its addressing service and provided packet
transport services by using the Network Control Protocol (NCP).
○ As the ARPANet grew, however, a new protocol was needed because NCP was not
able to fulfill all the needs of a larger network.
Physical topology
○ Only Physical Topology (Not include Logical Topology)
○ Bus, Star, Ring, Mesh, etc..
Asynchronous
▪ A sender indicates that it is about to start transmitting by sending a start bit
to the receiver.
▪ When the receiver sees this, it starts its own internal clock to measure the
subsequent bits.
▪ After the sender transmits its data, it sends a stop bit to indicate that it has
finished its transmission.
Synchronous
▪ Both the sender and the receiver synchronize their internal clocks to
ensure that they agree on when bits begin and end.
▪ One way to make this synchronization happen is to use an external clock (for
example, a clock provided by a service provider).
Multiplexing strategy
○ The Physical Layer also defines the multiplexing technologies used for current connectivity.
○ Common multiplexing technologies are
Time-division multiplexing (TDM)
Frequency-division multiplexing (FDM)
Statistical time-division multiplexing (StatTDM)
Transmission Mode
○ The physical layer also defines the transmission mode between two devices
Simplex
Duplex
Half-Duplex
Full-Duplex
Transmission Types
○ Network Mediums Data Transmission Transmission types 2
1. Analog
2. Digital
Analog Transmission
Amplitude
Wavelength
Frequency
Phase
○ In AM, FM, PM and QAM, modulated analog signals are filtered by a "bandpass" filter (a high-pass
filter combined with a low-pass filter) to become a digital signal.
Baseband
• Baseband uses digital signals.
• Baseband signals have a very narrow frequency range.
▪ Nearly 0 frequency (0 Hertz)
• Single channel (single communication pathway) in one medium.
• Baseband uses the entire bandwidth for a single channel.
• Baseband supports bi-directional transmission. (A single medium not only sends but also receives.)
• Baseband supports short-distance signal travel.
• Baseband media are:
▪ IEEE 802.3x standards are baseband
▪ (Ethernet, Token Ring are baseband) [BASE acronym in standards > 100BASE-T]
▪ Most LANs are baseband.
▪ Coaxial Cable (Network Only)
▪ Fiber Optic Cable (Single Mode)
▪ Serial Cable
▪ Twisted Pairs Cable
Broadband
• Broadband uses analog signals.
• Broadband signals have multiple different frequency ranges. (Multiple frequencies, Hertz)
• Multiple channels (multiple communication pathways) in one medium.
• Broadband shares the bandwidth among all channels.
• Broadband supports unidirectional transmission. (One medium is for sending, another medium is for
receiving.)
• Broadband supports long-distance signal travel.
• Broadband media are:
▪ All other IEEE Standards except IEEE 802.3x
▪ MANs and WANs are Broadband
▪ Phone , Mobile Phone , Radio , TV Broadcasting [BROAD Acronym Standards > 10BROAD36]
▪ Wireless (Wi-Fi and Wi-MAX)
▪ Coaxial Cable (TV , Satellite)
▪ Fiber Optic Cable(Multi-Mode)
▪ DSL
▪ ADSL
▪ Cable Modems
○ MAC Addresses use three types of EUI standard ('Extended Unique Identifier').
The first 3 octets (8x3 = 24 bits), called the 'Individual Address Block (IAB)', are
managed by the IEEE Registration Authority. This is also called the Organizationally Unique
Identifier (OUI).
The following 3 octets (24 bits) are called the "Vendor Specific Address". It has 2 portions:
The first 12 bits are assigned by the organization and represent the block
code.
The second 12 bits are also assigned by the organization and are the range
of addresses.
36:DE:1A : 65:C3:F4
36:DE:1A : 65:C3:F5
cmd>getmac (or)
cmd>ipconfig /all
Example :
06-00-00-00-00-00 the first octet is 06 (hex),
the binary form of which is 00000110,
where the second-least-significant bit is 1.
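The structure described above, decoded in code. This is an added example, not from the book: it splits a MAC address into the OUI and vendor-specific halves, the 12-bit block code and range, and reads the two flag bits of the first octet (the I/G bit and the U/L bit the 06-00-00-00-00-00 example refers to). The sample addresses are the book's two examples plus one constructed address with a globally assigned OUI.

```python
import re


def parse_mac(text):
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or aabb.ccdd.eeff; return six octets."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", text)
    if len(digits) != 12:
        raise ValueError("a MAC address needs exactly 12 hex digits: %r" % text)
    return [int(digits[i:i + 2], 16) for i in range(0, 12, 2)]


def describe_mac(text):
    """Split a MAC into the fields described above and decode the two flag bits."""
    octets = parse_mac(text)
    first = octets[0]
    # The 24-bit vendor-specific half splits into a 12-bit block code and a 12-bit range.
    block_code = (octets[3] << 4) | (octets[4] >> 4)
    address_range = ((octets[4] & 0x0F) << 8) | octets[5]
    return {
        "oui": ":".join("%02X" % o for o in octets[:3]),
        "vendor_specific": ":".join("%02X" % o for o in octets[3:]),
        "block_code": block_code,
        "range": address_range,
        "first_octet_binary": format(first, "08b"),
        # least-significant bit: 0 = individual (unicast), 1 = group (multicast/broadcast)
        "multicast": bool(first & 0x01),
        # second-least-significant bit: 0 = globally unique OUI, 1 = locally administered
        "locally_administered": bool(first & 0x02),
    }


def find_locally_administered(mac_list):
    """Return the addresses whose U/L bit is set. Useful when auditing a switch MAC
    table or DHCP lease list: such addresses were set by software, not burned in."""
    return [m for m in mac_list if describe_mac(m)["locally_administered"]]


# Constructed sample: the two addresses and the 06-00-... example from the text,
# plus one address with a globally assigned OUI (value chosen for illustration).
SAMPLE_MACS = [
    "36:DE:1A:65:C3:F4",
    "36:DE:1A:65:C3:F5",
    "06-00-00-00-00-00",
    "00:1B:44:11:3A:B7",
]

if __name__ == "__main__":
    for mac in SAMPLE_MACS:
        print(mac, describe_mac(mac))
    print("locally administered:", find_locally_administered(SAMPLE_MACS))
```

Note that the first octet of 36:DE:1A (0011 0110) also has its second-least-significant bit set, so both book examples decode as locally administered addresses.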
Connection Services
○ When a device on a network receives a message from another device on the
network, that recipient device can provide feedback to the sender in the form of
an acknowledgment message.
○ The two main functions provided by these acknowledgment messages are as
follows,
Flow Control
• Limits the amount of data a sender can send at one time; this prevents
the receiver from being overwhelmed with too much information.
Error Control
• Allows the recipient of data to let the sender know whether the
expected data frame was not received or whether it was received but
is corrupted.
• The recipient determines whether the data frame is corrupted by
mathematically calculating a checksum of the data received.
• If the calculated checksum does not match the checksum received with
the data frame, the recipient of the data draws the conclusion that the
data frame is corrupted and can then notify the sender via an
acknowledgment message.
Asynchronous Transmission
▪ With asynchronous transmission, network devices reference their own
internal clocks, and network devices do not need to synchronize their clocks.
▪ Instead, the sender places a start bit at the beginning of each data frame
and a stop bit at the end of each data frame.
▪ These start and stop bits tell the receiver when to monitor the medium for
the presence of bits.
▪ ATM, Dial-up Connections
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
ARP Commands
Commands Descriptions
Proxy ARP
○ Allow a router to respond to an ARP request that is intended for a remote host.
Logical Addressing
○ The network layer uses logical addressing to make forwarding decisions.
○ A variety of routed protocols, such as Internet Protocol (IP), Apple Talk and IPX, use
logical addressing.
Switching
○ The term switching is often associated with Layer 2 technologies.
○ However, the concept of switching also exists at Layer 3, so it can be called Layer 3
Switching.
○ Layer 3 Switching makes forwarding decisions by using the following
techniques:
Packet Switching
Circuit Switching
Message Switching
Connection Services
○ Just as the data link layer provided connection services for flow control and error
control, connection services also exist at the network layer.
Packet Reordering
• Allows packets to be placed in the appropriate sequence as they are sent to the
receiver.
• This might be necessary because some networks support load balancing, where
multiple links are used to send packets between two devices.
• Because multiple links are used, packets might arrive out of order.
• Similarly, data streams coming from lower layers are De-capsulated and sent to
Layer 5 (the session layer), or some other upper layer, depending on the protocol.
Windowing
○ TCP communication uses windowing, in that one or more segments are sent at
one time, and a receiver can acknowledge the receipt of all the segments in a
window with a single acknowledgment.
▪ The window size begins with one segment.
▪ If there is a successful acknowledgment of that one segment the window
size doubles to two segments.
▪ The window size continues to increase (doubling) until
1. the receiver does not acknowledge successful receipt of all segments
within a certain time period (known as the Round-Trip Time [RTT],
which is sometimes called Real Transfer Time [RTT] ) OR
2. the configured maximum window size is reached.
Setting up a session
Checking user credentials (for example, username and password)
Assigning numbers to a session’s communications flows to uniquely identify
each flow
Negotiating services required during the session
Negotiating which device begins sending data
Maintaining a session
Transferring data
Reestablishing a disconnected session
Acknowledging receipt of data
Data Formatting
○ Some applications might format text using American Standard Code for
Information Interchange (ASCII), while other applications might format text
using Extended Binary Coded Decimal Interchange Code (EBCDIC).
○ The presentation layer is responsible for formatting the text (or other types of
data, such as multimedia or graphics files) in a format that allows compatibility
between the communicating devices.
○ Example of Data Formatting such as ASCII, EBCDIC, JPEG, BMP, MPEG, MP3,
etc..
Application Services
○ Examples of the application services residing at the application layer include file
sharing and e-mail.
Service advertisement
○ Some applications’ services (for example, some networked printers) periodically
send out advertisements, making the availability of their service known to other
devices on the network.
○ Other services, however, register themselves and their services with a centralized
directory (for example, Microsoft Active Directory), which can be queried by other
network devices seeking such services.
○ Protocols ( ) Standards
Protocol Technologies (Software or Hardware)
Companies Protocols
Application Layer Protocols DNS , HTTP , SSL , Telnet , SSH , FTP , TFTP , NFS ,
SMB , SNMP
Network Layer Protocols NetBIOS , IPX , Apple Talk , IP , ICMP , IGMP , RIP ,
IGRP , EIGRP , ISIS , OSPF , BGP
ARP
RARP
NDP
SEND
PPP
Tunneling Protocols (L2TP , PPTP)
ARP
○ Address Resolution Protocol (RFC 826)
○ OSI 7 Layers Layer 2 (Data Link Layer) Protocol Layer 2
MAC Address Layer 3 IP Address Mapping Protocol
○ ARP IP Address MAC Address
IP Address IP Address MAC Address
Preamble Field
• Preamble Field Original Ethernet Version 56 bits (7 bytes) Field
Ethernet Version 2 64 bits (8 bytes)
• Communication Nodes Clock Synchronize Field
Frame Header
• Ethernet Version 2 Frame Preamble Value
Fix Value Frame Header
• Layer 2 Frame Header Destination MAC Address Field
Layer 2 Frame Header Fields
Destination MAC Address Field
Source MAC Address Field
VLAN Tagging Field <Optional>
Type/Length Field
Type/Length Field
• Ethernet Version 1 (802.3) Length Field Ethernet Version 2 (802.3x)
Type Field
• Type/Length Field 16 bits (2 bytes) Payload (Layer 2) Data Link
Layer Protocol 'EtherType' Field
• Frame Frame
'Inter Frame Gap'
• Inter Frame Gap Value Interface Transfer Rate Connection Speed (Network
Medium Speed)
• 12 bytes Data Transfer Fast Ethernet Gap
9.6 microseconds Gigabit Ethernet Gap 0.096 microseconds
NetBIOS-NS
○ Name service operates on UDP port 137 (TCP port 137 can also be used, but rarely is).
○ The name service primitives offered by NetBIOS are:
▪ Add name – registers a NetBIOS name.
▪ Add group name – registers a NetBIOS "group" name.
▪ Delete name – un-registers a NetBIOS name or group name.
▪ Find name – looks up a NetBIOS name on the network.
NetBIOS name resolution is not supported by Microsoft for Internet Protocol Version 6
(IPv6)
NetBIOS-DGM
○ Datagram mode is connectionless; the application is responsible for error detection and
recovery. In NBT, the datagram service runs on UDP port 138.
○ The datagram service primitives offered by NetBIOS are:
▪ Send Datagram – send a datagram to a remote NetBIOS name.
▪ Send Broadcast Datagram – send a datagram to all NetBIOS names on the
network.
▪ Receive Datagram – wait for a packet to arrive from a Send Datagram operation.
▪ Receive Broadcast Datagram – wait for a packet to arrive from a Send Broadcast
Datagram operation.
NetBIOS-SSN
○ Session service runs on TCP port 139.
○ The session service primitives offered by NetBIOS are:
▪ Call – opens a session to a remote NetBIOS name.
▪ Listen – listen for attempts to open a session to a NetBIOS name.
▪ Hang Up – close a session.
▪ Send – sends a packet to the computer on the other end of a session.
▪ Send No Ack – like Send, but doesn't require an acknowledgment.
▪ Receive – wait for a packet to arrive from a Send on the other end of a session.
NetBIOS Name
○ NetBIOS Name 16 ASCII Characters Computer Name
NetBIOS Name 15 NetBIOS Name 1 ASCII
Character NetBIOS Suffix
NetBIOS ASCII Characters 15 Device
Unique Name
ACSII Character 1 NetBIOS Suffix Name
NetBIOS Running Computer
Service Offer Suffix Name Suffix
Name Run OS Service
NetBIOS Protocol Auto
Unique names
1D Master Browser
Group names:
1. Click Start, and then click Network. (Or you type ncpa.cpl into the search box, and
press ENTER).
2. Click on the Network and Sharing Center, and then click Manage Network
Connections.
3. Right click on the Local Area Connection or the connection you are using, and then
select Properties.
❖ Apple Talk
○ Apple Talk Macintosh Environments Communication
Protocol
○ Apple Talk Protocol Suite Apple Hardware / OS Compatible
2. Phase 2
○ Phase 2 Large Network
○ 200 Nodes Support
○ Phase 2 Extended Networks Multiple Networks
Subnet
○ IP Services
Routing
Addressing
Name Resolution
Application Support
○ Internet Protocol (IP) Only IP Protocol Connectionless (Unreliable)
Protocol
○ Reliable Internet Protocol (IP) TCP
Destination Address
○
▪ Network Administrator Routes Manually
▪ Network Routes
▪ Routes Network Fail
▪ Manually Routes Maintain t
Host Route
Host Route Path Static
Route Host Route Static Route
▪ Performance Routers
○ Routing Protocols ( ) AS
○ Magnitude Links
3. Routing Table
○ Link State Routing Protocols OSPFv2 , OSPFv3 , IS-IS , IS-IS for IPv6
Differences Between Distance Vector Routing Protocols and Link State Routing Protocols
○ Distance Vector Routing Protocols Link State Routing Protocols
Types of NAT
○ NAT Features NAT 3
1. Static NAT (One to One)
2. Dynamic NAT (Many to Many)
3. NAT Overloading (PAT) (Many to One)
Advantages Disadvantages
Advantages of NAT(NAT )
○ Legally Registered Addresses
○ IP Addresses
○ Internal Network WAN
○ Network IP Address Convert The Whole
Network IP
The order in which the transactions are processed using NAT is based on whether a
packet is going from the inside network to the outside network or from the outside
network to the inside network.
Router(config)#int e0/0
Router(config-if)#ip nat inside
• IPv4 Packet
Layer 3 Information Header
20 bytes 60 bytes
Upper Layer (7 to 4) Information Data SDU
Data Portion
• Network IP Packet Size Header Only Data
20 bytes 65,536 bytes
Internet Path IPv6 Min 1280 bytes to Max 64KB (With Jumbogram up to 4GB)
Ethernet v1 (Original) Min 64 bytes to Max 1492 bytes (Ethernet LLC and SNAP)
WLAN (802.11) Min 64 bytes to Max 2304 bytes (Encryption Added More)
(WEP 8 bytes, WPA-TKIP 20 bytes, WPA2 16 bytes)
Identification Field
• Interface Packet Source Identification Field
Information Fragmented Pieces Reassembly
Flags Field
• 3 bits Field Packet Network Routers
Packet Fragmentation Value Field
• bit Position Value 'Reserved Fragment' RF bit
• bit Position Value 'Don't Fragment' DF bit bit 1
Packet Fragmentation
• bit Position Value 'More Fragment' MF bit Fragment
Packet 1 Interface Fragment
Fragment Field
Reassembly Flag Field Fragmentation bits
Fragment
▪ 1480/8 = 185
▪ 2960/8 = 370
▪ 4440/8 = 555
Hex   Dec   Keyword            Protocol                                                                 References
0x70  112   VRRP               Virtual Router Redundancy Protocol, Common Address Redundancy Protocol   VRRP: RFC 3768
                               (not IANA assigned)
0x73  115   L2TP               Layer Two Tunneling Protocol Version 3                                   RFC 3931
0x7C  124   IS-IS over IPv4    Intermediate System to Intermediate System (IS-IS) Protocol over IPv4    RFC 1142 and RFC 1195
0x87  135   Mobility Header    Mobility Extension Header for IPv6                                       RFC 6275
Option Field
• IPv4 Packet Testing Debugging Option Field
[4500 003c 1c46 4000 4006 b1e6 ac10 0a63 ac10 0a0c]
‘b1e6’ corresponds to the checksum, which is set at the source end (which sent the
packet).
‘ac10 0a63’ and ‘ac10 0a0c’ correspond to the source IP address and the destination IP address
in the IP header.
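The header dump quoted above, parsed and verified. This is an added example, not from the book: it decodes the 20-byte IPv4 header, recomputes the one's-complement header checksum (RFC 1071) with the checksum field zeroed, and decodes the Flags field and fragment offset described earlier (DF, MF, offset in 8-byte units). The constructed variants in the test are that same header with one bit flipped and with the flags word changed.

```python
import struct

# The header quoted in the text, as a hex string (constructed from that dump).
HEADER_HEX = "4500 003c 1c46 4000 4006 b1e6 ac10 0a63 ac10 0a0c"


def header_bytes(hex_text):
    """Turn a spaced hex dump like the one above into raw bytes."""
    return bytes.fromhex(hex_text.replace(" ", ""))


def internet_checksum(data):
    """One's-complement sum of 16-bit big-endian words (RFC 1071), carries folded back in."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_header(raw):
    """Decode the fixed 20-byte IPv4 header (plus any options) and verify its checksum."""
    if len(raw) < 20:
        raise ValueError("IPv4 header needs at least 20 bytes")
    ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto, cksum = struct.unpack(
        "!BBHHHBBH", raw[:12])
    version = ver_ihl >> 4
    ihl = (ver_ihl & 0x0F) * 4          # header length in bytes (IHL counts 32-bit words)
    if version != 4 or ihl < 20 or ihl > len(raw):
        raise ValueError("not a well-formed IPv4 header (version %d, IHL %d)" % (version, ihl))
    hdr = raw[:ihl]
    # The checksum covers the header only and is computed with its own field zeroed.
    computed = internet_checksum(hdr[:10] + b"\x00\x00" + hdr[12:])
    return {
        "version": version,
        "header_len": ihl,
        "options_len": ihl - 20,
        "total_len": total_len,
        "identification": ident,
        # Flags field: bit 15 reserved, bit 14 Don't Fragment (DF), bit 13 More Fragments (MF);
        # the remaining 13 bits give the fragment offset in units of 8 bytes.
        "reserved_flag": bool(flags_frag & 0x8000),
        "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl,
        "protocol": proto,              # 1 = ICMP, 6 = TCP, 17 = UDP
        "checksum": cksum,
        "checksum_ok": computed == cksum,
        "src": ".".join(str(b) for b in hdr[12:16]),
        "dst": ".".join(str(b) for b in hdr[16:20]),
    }


if __name__ == "__main__":
    info = parse_ipv4_header(header_bytes(HEADER_HEX))
    for key, value in info.items():
        print("%-16s %s" % (key, hex(value) if key == "checksum" else value))
```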
Payload Field
• 16 bits Field IPv6 Packet Data Size (Payload Only, Not Include Header)
Field
• 16 bits 65,535 bytes Normal IPv6 Packet
Payload Size Maximum 65,535 bytes
• IPv6 Extension Header Jumbo Payload "Jumbogram"
Feature
• Jumbo Payload Up to 4GB
• Payload Field IPv6 Packet Payload Size Jumbo Payload
65,535 bytes 16 bits
IPv6 Jumbo Payload Payload Field '0' Value
Destination Field
• Destination Field Packet Final Destination IPv6
Address 128 bits
• IPv6 Packet Extension Header 'Routing Extension Header'
Destination Address Field Final Destination Address Next Hop
Destination Address
4 bytes Field
▪ Message Types 4 bytes Address Information
Message Types
▪ All 0 Values
Error Reporting
Network Diagnostics
Neighbor Discovery
Multicast Membership Reporting
Router Solicitation and Router Advertisement
Type Field
○ 8 bits Field ICMPv6 Message
Code Field
○ 8 bits Field ICMPv6 Message Type Sub-type
○ Type Field ICMP Message Type
Specific Sub-type Field
Checksum Field
○ 16 bits Field ICMPv6 Message (Header + Data) Checksum Value
Ping Options
1. Connection-Oriented Protocol
○ Connection-Oriented Protocol
▪ Data Send End-to-End Connection (Session) Create
End-to-End Connection Establish Data
▪ Data .. Data
Accept Re-Arrange Received
▪ Data Transfer Complete Check (Error-Checking)
▪ Connection-Oriented Protocol Handshaking
Session Create Communication
▪ Handshaking Rules Transmission Speed
Port Transmission
❖ NetBEUI
○ NetBIOS Enhanced User Interface
○ NetBIOS Protocol Transport Layer Protocol
○ 1985 , IBM Create NetBIOS Protocol Token Ring Network
Transport Layer Protocol
○ NetBEUI Microsoft
Novell NetWare IPX/SPX NetBIOS over IPX/SPX (NBX)
Protocol
OSI 7 Layer Compatible TCP/IP Protocol Suites
NetBIOS over TCP/IP (NBT) .
❖ SPX
○ Novell IPX Protocol Transport Protocol
○ SPX Connection-Oriented Protocol Reliable , Error-Detect , Retransmission
❖ ATP
○ Apple Talk Transaction Protocol
○ Apple Platform Addressing Protocol Apple Talk Transport Protocol
○ Connection-Oriented Protocol
○ TCP
▪ Destination Address
▪ Data TCP Sizes Adjustment
▪ Data Data Node
TCP Data Accept
Complete Data User
▪ Complete Data Data TCP Data
UDP
Error Detection Function
Error Recovery Function
UDP TCP
1. Interfaces States
○ (Establish, Listen, .)
. Utilities
State Description
LISTEN • waiting for a connection request from any remote TCP and port.
FIN-WAIT-1 • waiting for a connection termination request from the remote TCP,
or an acknowledgment of the connection termination request
previously sent.
CLOSE-WAIT • waiting for a connection termination request from the local user.
When a connection is started, the packet sender always generates a 'Sequence Number', and at this time
the 'Acknowledge Number' must be '0'.
The receiver responds with an 'Acknowledge Message' carrying an Acknowledge Number.
The receiver's 'Acknowledge Number' = the given Sequence Number + 1.
The sender then sends the 'Next Packet' with the 'Original Acknowledge Number incremented by
1'.
Flag Value   Description
ACK Acknowledgement.
PSH This flag means Push function. Using this flag, TCP allows a sending application
to specify that the data must be pushed immediately. When an application
requests the TCP to push data, the TCP should send the data that has
accumulated without waiting to fill the segment.
RST Reset the connection. The RST bit is used to RESET the TCP connection due to
unrecoverable errors. When an RST is received in a TCP segment, the receiver
must respond by immediately terminating the connection. A RESET causes both
sides immediately to release the connection and all its resources. As a result,
transfer of data ceases in both directions, which can result in loss of data that is
in transit. A TCP RST indicates an abnormal termination of the connection.
SYN This flag means synchronize sequence numbers. Source is beginning a new
counting sequence. In other words, the TCP segment contains the sequence
number of the first sent byte (ISN).
FIN No more data from the sender. Receiving a TCP segment with the FIN flag does
not mean that transferring data in the opposite direction is not possible. Because
TCP is a fully duplex connection, the FIN flag will cause the closing of connection
only in one direction. To close a TCP connection gracefully, applications use the
FIN flag.
• Additional Flags..
Flag   Description
CWR    The Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment with the ECE flag set and has responded by reducing its congestion window (its congestion control mechanism).
ECE ECN-Echo.
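The flag bits and the sequence/acknowledgment arithmetic described above, as an added example (not code from the book): it packs and parses the fixed 20-byte TCP header, names the flags that are set, labels what the segment is doing, and reproduces the three-way handshake numbering (ack = peer's sequence + 1). The port and sequence values are constructed for the demo.

```python
import struct

# Bit values of the TCP flags discussed above (CWR/ECE are the two
# "additional" flags; the NS bit in the reserved area is not handled here).
FLAG_BITS = {
    "CWR": 0x80, "ECE": 0x40, "URG": 0x20, "ACK": 0x10,
    "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01,
}

def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Pack a minimal 20-byte TCP header (no options; checksum and
    urgent pointer left at 0, since this is a parsing demo, not a sender)."""
    flag_byte = 0
    for name in flags:
        flag_byte |= FLAG_BITS[name]
    data_offset = 5                      # 5 x 32-bit words = 20 bytes
    offset_and_flags = (data_offset << 12) | flag_byte
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       offset_and_flags, window, 0, 0)

def parse_tcp_header(raw):
    """Decode the fixed part of a TCP header into a dict with flag names."""
    if len(raw) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    (src_port, dst_port, seq, ack, offset_and_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", raw[:20])
    header_len = (offset_and_flags >> 12) * 4
    if header_len < 20:
        raise ValueError("invalid data offset")
    flag_byte = offset_and_flags & 0xFF
    flags = sorted(name for name, bit in FLAG_BITS.items() if flag_byte & bit)
    return {"src_port": src_port, "dst_port": dst_port, "seq": seq,
            "ack": ack, "header_len": header_len, "flags": flags,
            "window": window}

def classify_segment(flags):
    """Name what a segment is doing, following the flag descriptions above."""
    f = set(flags)
    if "RST" in f:
        return "abnormal termination"
    if "SYN" in f and "ACK" not in f:
        return "connection request"
    if "SYN" in f and "ACK" in f:
        return "connection accept"
    if "FIN" in f:
        return "graceful close (one direction)"
    if "ACK" in f:
        return "data or acknowledgment"
    return "unknown"

def three_way_handshake(client_isn, server_isn):
    """Sequence/acknowledgment numbers of the handshake as described above:
    the first packet carries ack 0, each acknowledgment is the peer's
    sequence number + 1, and the next packet continues from there."""
    return [
        (["SYN"], client_isn, 0),
        (sorted(["SYN", "ACK"]), server_isn, client_isn + 1),
        (["ACK"], client_isn + 1, server_isn + 1),
    ]

if __name__ == "__main__":
    # constructed sample: a SYN from an ephemeral port to port 443
    raw = build_tcp_header(49152, 443, seq=1000, ack=0, flags=["SYN"])
    hdr = parse_tcp_header(raw)
    print(hdr, classify_segment(hdr["flags"]))
    for flags, seq, ack in three_way_handshake(1000, 5000):
        print(flags, "seq", seq, "ack", ack)
```

The parser only reads the fixed header; options (when the data offset is larger than 5 words) are left untouched, and a real capture would also need the IP header to identify the endpoints.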
○ With an MTU size of 1500 bytes, sending 12,500 bytes takes 12,500 bytes / 1500 bytes = 8.3, so nearly 9 segments.
Padding Field
• Padding bits follow the Options field so that the header ends on a 32-bit word boundary.
Length Field
• 16-bit (2-byte) field giving the size of the UDP datagram (header + data).
• The UDP header length is fixed at 8 bytes, so with a 16-bit length field the data (PDU) size can be up to 65,505 bytes.
Checksum Field
• 16-bit (2-byte) field carrying the checksum value computed over the UDP header and the UDP payload, i.e. the whole UDP segment.
❖ Hypertext Transfer Protocol over Secure Socket Layer (HTTPS) (SSL) (Port 443)
○ HTTPS is the HTTP protocol carried in a secure session through an SSL tunnel.
❖ DHCP Clients
○ A DHCP client requests IP configurations from a DHCP server.
○ The program that makes the request is built into every Windows installation; it is the client access program.
○ In Windows the client access program is named "DHCP Client".
○ The "DHCP Client" program starts automatically at every Windows startup.
○ The "DHCP Client" program appears in Services.msc as the "DHCP Client" service.
❖ DHCP Server
○ The DHCP server is the program / service that replies to IP requests.
❖ DHCP-Discover
○ A DHCP client broadcasts this message on the network to discover DHCP servers.
○ Because the client does not yet have an IP address, the 'DHCP-Discover' packet's source IP address is the "Unspecified Address" 0.0.0.0.
○ The destination is the broadcast IP address 255.255.255.255 (broadcasting).
❖ DHCP-Request
○ After receiving the "DHCP-Offer" message, the DHCP client sends a confirmation message to the DHCP server for the offered IP address.
○ The client answers the DHCP server's 'DHCP-Offer' message with a DHCP-Request message for that IP address; the source IP is still the Unspecified Address 0.0.0.0 and the destination address is the Broadcast Address 255.255.255.255.
○ Message size: 342 bytes or 576 bytes.
❖ DHCP-NAK
○ Sent by the DHCP server to the client when the server denies the client's DHCP-Request message, for example:
1. the requested client IP address is already in use by another computer.
❖ DHCP-Decline
○ Sent by the DHCP client to the DHCP server.
○ The client tells the server that the IP address offered in the server's DHCP-Offer message is already in use by another computer (or is not valid).
○ The client then starts the DHCP request process with the server again.
○ The client's DHCP-Decline message has the Unspecified Address (0.0.0.0) as source IP address and the broadcast address (255.255.255.255) as destination IP address.
❖ DHCP-Inform
○ Sent by a DHCP client to request additional IP configurations from the DHCP server.
○ The client already has an IP address and only needs DHCP options such as the gateway IP.
Renewal process: DHCP Client → DHCP-Request → DHCP Server → DHCP-ACK → DHCP Client
○ Renewal starts when the client's IP address lease time runs out (lease expire), (OR)
○ when the user runs cmd>ipconfig /release followed by cmd>ipconfig /renew
If the DHCP server answers the DHCP-Request with DHCP-NAK, the DHCP client starts over: DHCP-Discover → DHCP-Offer → DHCP-Request → DHCP-ACK
1. Stateful Mode
○ In Stateful Mode the DHCP server assigns IPv6 addresses to IPv6 clients from an IPv6 scope on the DHCP server.
2. Stateless Mode
○ In Stateless Mode the DHCP server does not assign the clients' IPv6 addresses; the clients obtain their addresses themselves.
○ A DHCP server created in Stateless Mode supplies configuration only: clients get their IPv4 configurations from the IPv4 scope, and for IPv6 the server supplies IPv6 configurations (options) rather than addresses.
❖ Name Types
○ Machines Name
1. NetBIOS Name (NetBIOS Service Name & WINS Server)
2. DNS Name (Host File Name Resolution & DNS Server)
NetBIOS Name
○ A NetBIOS name is by default 16 hexadecimal characters (16 bytes): of the 16 characters, 15 are the computer's NetBIOS name and 1 character is the NetBIOS suffix (NetBIOS service name).
○ A NetBIOS name may contain a hyphen (-) but not a dot (.) or a space, and NetBIOS does not support FQDNs.
○ The NetBIOS service name is the service type or record type value, e.g.:
1D Master Browser
[Diagram: NetBIOS name resolution among Client A, Client B, Client C and Client D, using (1) Broadcast and (2) WINS; LLMNR cache]
❖ (1) Broadcast
○ Used by computers that have NetBIOS enabled (a NetBIOS method).
○ The computer resolves the name by broadcasting a request (destination 255.255.255.255 packet) on the local network.
○ The computer whose name matches the request responds; the other computers do not respond.
❖ (2) WINS
○ WINS is the NetBIOS Name Resolution System, a name resolution server.
○ WINS clients register their IP address and NetBIOS name records on the WINS server.
○ WINS is used on older networks for local network name resolution.
5. Pound (#) sign
Lines beginning with the pound (#) sign are comments in the LMHOSTS file. Entry format:
192.168.10.1 server1 (IP) (Space) (NetBIOS Name)
NetBIOS Setting
By default the computer takes its NetBIOS setting from the DHCP server.
1. First, the client checks whether the requested name is in the domain namespace (if it is in a domain model).
2. Second, the client checks its "DNS Resolver Cache".
3. The client checks its Hosts file.
4. The client performs DNS resolution (contacting the DNS server).
5. LLMNR (if IPv6).
6. The NetBIOS resolution sequence happens (depending on the NetBIOS node type):
(1). NetBIOS Name Cache
(2). WINS Server
(3). Broadcast
(4). LMHosts File
CMD>ipconfig /displaydns
• Cache Clear
CMD>ipconfig /flushdns
[Diagram: DNS namespace tree. Root Domain "." at the top; Top Level Domains .net .com .org; Second Level Domain Globomantics; Sub Domains US, HQ, Asia; dedicated Sub Domain Sales; host Server1]
The namespace is a hierarchical tree structure. Reading an FQDN from right to left walks the domain tree from the top down to the host.
"." is the Root Domain, the root of the Internet namespace.
Server1.Sales.HQ.Globomantics.com. (the trailing "." denotes the Root Domain)
Server1.Sales.HQ.Globomantics.com
The namespace runs from the Root Domain down to the host name, so Server1.Sales.HQ.Globomantics.com gives the host's position in the namespace.
○ FQDN Name
○ Fully Qualified Domain Name
○ Primary DNS Suffix Name
❖ Hierarchy of Domains
1. DNS Servers
▪ A machine running the DNS Server program.
▪ Windows DNS Server, or on Unix BIND (Berkeley Internet Name Domain).
▪ A name server maps names to IP addresses.
4. DNS Clients
○ Any device that requests a name is a DNS client.
❖ 1.Interactive Queries
○ Interactive Queries
○ Interactive Queries ( )
❖ 2.Recursive Query
○ Recursive query
○ Recursive query
○ Recursive Query ..
❖ DNS Zones (2)
○ The name resolution process uses 2 kinds of zones:
1. Forward Lookup Zone
2. Reverse Lookup Zone
❖ Secondary Zone
○ A copy of the master zone database.
○ Read-only access to the zone (database).
○ Active Directory Integrated Zone
❖ Stub Zone
○ A stub zone is a special lookup zone that holds only the records identifying the zone's authoritative name servers.
○ A stub zone can be created for a Forward Lookup Zone or a Reverse Lookup Zone.
domain.com. • This is the root of the zone. This specifies that the zone file is for
the domain.com.domain. Often, you'll see this replaced with @,
which is just a placeholder that substitutes the contents
IN SOA • The "IN" portion means internet (and will be present in many
records). The SOA is the indicator that this is a Start of Authority
record.
ns1.domain.com. • This defines the primary master name server for this domain.
Name servers can either be master or slaves, and if dynamic DNS
is configured one server needs to be a "primary master", which
goes here. If you haven't configured dynamic DNS, then this is just
one of your master name servers.
admin.domain.com. • This is the email address of the administrator for this zone. The "@" is replaced with a dot in the email address. If the name portion of the email address normally has a dot in it, that dot is escaped with a "\" in this part (your.name@domain.com becomes your\.name.domain.com.).
3h • This is the refresh interval for the zone. This is the amount of time that
the slave will wait before polling the master for zone file changes.
30m • This is the retry interval for this zone. If the slave cannot connect to the
master when the refresh period is up, it will wait this amount of time and
retry to poll the master.
3w • This is the expiry period. If a slave name server has not been able to
contact the master for this amount of time, it no longer returns
responses as an authoritative source for this zone.
1h • This is the amount of time that the name server will cache a name error
if it cannot find the requested name in this file.
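The SOA fields described above, as an added example (not from the book): it parses a small constructed zone fragment, converts the BIND time units (3h, 30m, 3w, 1h) to seconds, turns the RNAME back into an e-mail address (handling the "\." escape), and applies two sanity rules of this example's own choosing to the timers. The serial number is a standard SOA field that the table above does not list; the zone text and its values are constructed for the demo.

```python
import re

# Constructed sample zone fragment, not from the book. The serial is a
# standard SOA field that the table above does not list.
SAMPLE_ZONE = """
domain.com.   IN SOA ns1.domain.com. admin.domain.com. (
                  2024010101   ; serial
                  3h           ; refresh
                  30m          ; retry
                  3w           ; expire
                  1h           ; negative-caching TTL
              )
"""

UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def parse_ttl(text):
    """'3h' -> 10800; plain digits are seconds; BIND also allows '1w2d'."""
    if not re.fullmatch(r"(?:\d+[smhdwSMHDW]?)+", text):
        raise ValueError(f"bad time value {text!r}")
    return sum(int(n) * UNIT_SECONDS[(u or "s").lower()]
               for n, u in re.findall(r"(\d+)([smhdwSMHDW]?)", text))

def rname_to_email(rname):
    """'admin.domain.com.' -> 'admin@domain.com'; a backslash-escaped dot in
    the local part is a literal dot: 'your\\.name.domain.com.' -> 'your.name@domain.com'."""
    rname = rname.rstrip(".")
    local, i = [], 0
    while i < len(rname):
        c = rname[i]
        if c == "\\" and i + 1 < len(rname):
            local.append(rname[i + 1])      # escaped character, keep literally
            i += 2
        elif c == ".":
            return "".join(local) + "@" + rname[i + 1:]   # first unescaped dot is the '@'
        else:
            local.append(c)
            i += 1
    raise ValueError("no domain part in RNAME")

def parse_soa(zone_text):
    """Pull the SOA record out of zone text, ignoring ';' comments and the
    parentheses that let the record span several lines."""
    stripped = "\n".join(re.sub(r";.*", "", ln) for ln in zone_text.splitlines())
    tokens = stripped.replace("(", " ").replace(")", " ").split()
    i = tokens.index("SOA")
    owner = tokens[i - 2] if tokens[i - 1].upper() == "IN" else tokens[i - 1]
    mname, rname = tokens[i + 1], tokens[i + 2]
    serial, refresh, retry, expire, minimum = tokens[i + 3:i + 8]
    return {"owner": owner, "mname": mname, "rname": rname,
            "rname_email": rname_to_email(rname), "serial": int(serial),
            "refresh": parse_ttl(refresh), "retry": parse_ttl(retry),
            "expire": parse_ttl(expire), "minimum": parse_ttl(minimum)}

def check_soa_timers(soa):
    """Sanity rules (this example's own): retry shorter than refresh, and
    expiry longer than refresh + retry, so a slave never expires before it
    has had a chance to reach the master again."""
    problems = []
    if soa["retry"] >= soa["refresh"]:
        problems.append("retry should be shorter than refresh")
    if soa["expire"] <= soa["refresh"] + soa["retry"]:
        problems.append("expire should exceed refresh + retry")
    return problems

if __name__ == "__main__":
    soa = parse_soa(SAMPLE_ZONE)
    print(soa)
    print("timer problems:", check_soa_timers(soa) or "none")
```

The parser assumes the common "owner [class] SOA" layout and a single SOA record per zone text; directives such as $TTL or $ORIGIN are not interpreted.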
or
❖ NSLOOKUP
○ NSLOOKUP tests name resolution against a DNS server.
○ NSLOOKUP is used for name resolution troubleshooting.
○ NSLOOKUP has 2 modes:
▪ Interactive Mode
▪ Non-interactive Mode
○ In Interactive Mode NSLOOKUP provides its own command prompt.
❖ NSLOOKUP Options
• Adding a domain DNS suffix name to a client for DNS name registration and DNS name resolution:
1. Run > ncpa.cpl
2. Network Adapter > right-click > Properties > IPv4 (select) > Properties > Advanced
3. DNS (tab) > check
"Append these DNS suffixes (in order):" and click Add
4. In the TCP/IP Domain Suffix box, enter the DNS suffix name and click Add
5. Set the order
History of IPv6
▪ People began to use IPv6 addresses because the IPv4 address space is not enough in the long term.
▪ IPv4 is still alive because people use NAT/PAT and CIDR to work around the inefficient use of addresses.
About IPv6
* But an increased number of IP addresses isn't the only advantage of IPv6 over IPv4.
* Some older protocols and versions need replacements that are compatible with IPv6.
* So, IPv6 uses the Neighbor Discovery Protocol (NDP) in place of IPv4's Address Resolution Protocol (ARP).
* One group in an IPv6 address has 16 bits, written as 4 hexadecimal digits; groups are separated by colons (:).
e.g. 2001:0db8:3c4d:0012:0000:0000:1234:56ab
▪ If an IPv6 address contains a run of three or four all-zero groups, the run is hidden by writing :: (double colon) in place of the "0" groups.
▪ The :: double colon may be used only once in an address.
✓ Original : 2001:0000:3c4d:0000:0000:0000:1234:56ab
✓ Short : 2001:0000:3c4d::1234:56ab
✓ Shorter : 2001:0:3c4d::1234:56ab
Note : IPv6 header has a new field, named Flow Label, that can identify
packets belonging to the same flow.
▪ Compared with IPv4, IPv6 contains no IP-level checksum, so the checksum does
not need to be recalculated at every router hop.
▪ A router will send the prefix of the local link in its router advertisements.
▪ A host can generate its own IP address by appending its link-layer (MAC) address,
converted into Extended Universal Identifier (EUI) 64-bit format, to the 64 bits of
the local link prefix.
▪ True end-to-end connectivity at the IP layer is restored, which makes it easier to create and maintain new services such as VoIP and Quality of Service (QoS).
Security
▪ IPv4 ICMP packets are often blocked by corporate firewalls, but ICMPv6 may be
permitted because IPsec can be applied to the ICMPv6 packets.
✓ Unicast
✓ Multicast and
✓ Anycast
Note: IPv6 does not use a broadcast address; to send packets to every node on the LAN, use the link-local all-nodes multicast address (ff02::1) instead.
▪ A unicast address is unique: no two interfaces on the Internet have the same IPv6 unicast address.
✓ Public IP address
✓ Assigned by IANA
✓ Routable IP address
✓ 2000::/3
✓ Non-Routable IP address
✓ Used for intranets that are not connected to the IPv6 Internet
✓ To be used for
❖ Neighbor Discovery
✓ Include 16 bits
Interface ID
Interface ID Format
Multicast Address
✓ Prefix ff00::/8
✓ Link-Local Multicast address use in LAN when nodes want to send each other with
multicast address
✓ FF02::1 Link-Local All Nodes Multicast Address | FF02::5: All OSPFv3 Routers
✓ FF02::2 Link-Local All Routers Multicast Address | FF02::a: All EIGRP (IPv6) Router
✓ Use in LAN
▪ An IPv6 anycast address is an address that can be assigned to more than one
interface (typically different devices).
▪ A packet sent to an anycast address is routed to the “nearest” interface having that
address, according to the router’s routing table.
▪ Routers will select the desired path on the basis of number of hops, distance,
lowest cost, latency measurements or based on the least congested route.
▪ The basic idea of Anycast is very simple: multiple servers, which share the same IP
address, host the same service.
✓ Unspecified Address
❖ ::/0 = 0000: 0000: 0000: 0000: 0000: 0000: 0000: 0000 = ::/0
❖ Also use ::
❖ 0.0.0.0/0 in IPv4
✓ Loopback Address
❖ 0:0:0:0:0:0:0:1 = ::1/128
❖ 127.0.0.1/8 in IPv4
✓ Discard Address
❖ 100::/64
✓ IPv4-Compatible Address
❖ 0:0:0:0:0:0:192.168.100.1
✓ IPv4-Mapped Address ::ffff:0:0/96
✓ NAT64 Well-Known Prefix 64:ff9b::/96
▪ In Windows
Note: the zone ID identifies the interface on the host that is connected to the segment.
✓ No additional servers
✓ DHCPv6
✓ Dual Stack
✓ NAT64
▪ A dual stack network involves nodes that are capable of processing IPv4 and IPv6
traffic simultaneously.
▪ This is especially important at the router, as the router is typically the first node on
a given network to receive traffic from outside of the network.
▪ 6to4 is very useful for carrying IPv6 data over an IPv4 network; it works best in WAN settings where a remote network is still running IPv4 protocols.
▪ An IPv6 over IPv4 GRE tunnel uses the standard GRE tunneling technology to
provide P2P connections.
▪ Any types of protocol packets that GRE supports can be encapsulated and
transmitted through a GRE tunnel.
▪ The protocols may include IPv4, IPv6, Open Systems Interconnection (OSI), and
Multiprotocol Label Switching (MPLS).
▪ The ISATAP tunnel uses a specially formatted IPv6 address with an IPv4 address
embedded into it.
▪ Different from the IPv6-to-IPv4 address that uses the IPv4 address as the network
prefix, the ISATAP address uses the IPv4 address as the interface ID.
▪ The NAT64 gateway is a translator between IPv4 and IPv6 protocols for which
function it needs at least one IPv4 address and an IPv6 network segment
comprising a 32-bit address space.
▪ A NAT64 gateway has two interfaces, one connected to the IPv4 network and one to the IPv6 network.
▪ Traffic from IPv6 goes through the gateway, which transfers and translates data
packets.
▪ Although NAT64 is an effective gateway for these two network types, some
technologies such as Skype and other types of real-time interfacing are not
supported.
▪ The IPv4 only server means that the DNS system has only an “A” record for the
server and no “AAAA” records.
▪ DNS64 server should be set as the DNS server of the IPv6 only client.
▪ When the IPv6 only client tries to connect to the web server, it sends a recursive
query to the DNS64 server to find the IPv6 address of the web server.
▪ The DNS64 server uses the normal DNS system to find out the IP address of the
web server.
• Stateful means the computer or program keeps track of the state of interaction,
usually by setting values in a storage field designated for that purpose.
▪ To aggregate many IPv6 users into a single IPv4 address, stateful NAT64 is
required.
Stateful NAT64
• Stateful NAT64 allows IPv6-only clients to contact IPv4 servers using unicast UDP,
TCP, or ICMP based on RFC 6146.
• This technology will be used mainly where IPv6-only networks and clients (i.e.
Mobile handsets, IPv6 only wireless, etc...) need access to the IPv4 internet and its
services.
▪ 2001:DB8::/32
* Features of NDP
• R1(config)#interface gi0/0
• R1#conf t
• R1(config)#int fa0/0
• R1(config-if)#IPv6 enable
SLACC
EUI-64
❖ ND command = enable RA
Use five minutes = 120 seconds for life time (both preferred and valid)
❖ Ipv6 nd ra interval 30
✓ debug ipv6 nd
✓ undebug all
▪ Millions of online users rely on VPNs almost every day whenever they access the web.
▪ It’s very likely that not many people know a lot about VPN history - how it started
and how it developed over the years.
▪ VPN technology was originally developed only by big companies and organizations
for their own goals, and it wasn’t meant for average online users.
▪ Pretty soon, third-party VPN providers appeared on the market to provide this
technology to consumers.
About VPN
▪ Virtual private network (VPN) is a network that is constructed using public network
usually the internet to connect remote users or regional offices to a company's
private, internal network.
▪ VPN enables users to send and receive data across shared or public networks as if
their computing devices were directly connected to the private network.
▪ VPN uses different tunneling protocols to encrypt online connections, and hides
user IP addresses to let people bypass geo-blocks, and enjoy secure browsing.
▪ It prevents unauthorized people from eavesdropping on the traffic and allows the
user to conduct work remotely.
• All your network traffic is sent over a secure connection to the VPN.
• Because your computer behaves as if it’s on the network, this allows you to
securely access local network resources even when you’re on the other side of
the world.
• You’ll also be able to use the Internet as if you were present at the VPN’s location, which has some benefits if you’re using public Wi-Fi or want to access geo-blocked websites.
• The VPN forwards the request for you and forwards the response from the
website back through the secure connection.
• If you’re using a USA-based VPN to access Netflix, Netflix will see your
connection as coming from within the USA.
• If you travel, a VPN can give you access to geo-block websites and streaming
content from your home country (even your local Netflix library) while you're
away.
✓ The internet has now become the real marketplace and the place for cybercriminals
to be.
✓ Most people use internet when people wake up early in the morning, or they are
going to sleep at night.
✓ There was a time when street criminals would rob you by brandishing a weapon or a cutter; (financial) resources are now moving towards digital currencies.
✓ Nowadays, it is quite easy for a young rookie hacker nearby to try his hands-on
hacking.
✓ It is very easy for hackers to steal user’s personal data and information.
✓ So, to keep your data and personal information protected on the internet, it is
advised to use a VPN.
✓ VPN helps a user to hide IP Address, which makes it impossible to trace the actual
location of a user.
✓ For instance, if you are living in Myanmar and connected to a Singapore server with the help of a VPN, you will appear to be Singaporean, having a Singaporean IP Address.
✓ However, there are numerous VPN providers in the market place promising to
provide the best of services and privacy and no-data logging policy.
Data Integrity
▪ So, integrity ensures data has not been altered while in transit.
▪ In the case with VPN's, data has not been intercepted and changed when traveling
from one VPN gateway to another VPN gateway.
Origin Authentication
▪ Authentication ensures that a message comes from a reliable source and goes to
an authentic destination.
▪ VPNs can use passwords, digital certificates, smart cards, and biometrics to
establish the identity of parties at the other end of a network.
▪ However, this is usually used when setting up remote / mobile user VPN. This is
executed at the end of phase 1 negotiation.
Anti-replay
Anti-replay ensures IP packet-level security by making it impossible for a
hacker to intercept message packets and insert changed packets into the data
stream between a source computer and a destination computer.
Remote-Access VPN
▪ A remote access VPN is for home or travelling users who need to access their
central LAN from a remote location.
▪ They dial their ISP and connect over the internet to the LAN.
• E.g. Offsite workers to easily and securely connect with their company's
network while working remotely.
* Site-to-site VPN connection lets branch offices use the internet as a conduit for
accessing the main office's intranet.
▪ When a company has a close relationship with another company, they can
build an extranet VPN that connects LAN to LAN.
▪ This VPN provides privileged access to authorized vendors, customers, and
other third parties.
▪ This allows your company to share information with its partners, while still
securing its LAN (intranet).
▪ VPN server is a physical or virtual server that is configured to host and deliver VPN
services to users worldwide.
▪ The server is a combination of VPN hardware and VPN software that allow VPN
clients to connect to a secure private network.
▪ VPN works by encrypting your data as it travels back and forth between your client
machine and the internet resources you're using, such as web servers.
▪ VPN server software is what allows a server to offer VPN services to users.
▪ VPN server software configures servers with added security which allows them
to encrypt and decrypt connection requests and incoming information.
▪ VPN Protocols
VPN Clients
▪ Typically, a VPN client first connects to a VPN server before it can make use of the
VPN services.
▪ After providing user credentials and authentication, the VPN client is connected to
the VPN.
✓ DotVPN
✓ TotalVPN Free
✓ TunnelBear Free
✓ Windscribe Free
✓ Hideme VPN
• PPTP allows corporations to extend their own corporate network through private
"tunnels" over the public Internet.
▪ L2TP VPN uses a client application on a remote system, with a VPN termination
device that sits inside the network.
Note: L2TP protocol is more secure than PPTP as it doesn't have any major
security vulnerabilities.
▪ GRE works by encapsulating a payload that is, an inner packet that needs to
be delivered to a destination network inside an outer IP packet.
▪ IPsec is the most popular secure network protocol suites used in Virtual
Private Networks.
▪ IPsec VPN uses tunneling to establish a private connection for the network
traffic.
▪ VPN protocols that use IPsec encryption include L2TP, IKEv2, and SSTP.
Security
✓ Tunneling support between sites with at least 128-bit encryption of the data.
Scalability
✓ Extra users and bandwidth can be added easily to adapt to new requirements.
Services
Management
✓ Reports on user activity, management of user policies and monitoring of the VPN
as a whole.
Advantages of VPN
✓ Enhanced security
✓ Remote control
✓ Share files
✓ Online anonymity
✓ Better performance
✓ Reduce costs
PROTONVPN FREE
WINDSCRIBE
SPEEDIFY
Future of VPN
▪ It is entirely possible that in the future every online user will use a VPN whenever they browse the web.
▪ After all, VPN can become one of the essential factors in creating the internet as it
should be – secure, democratic, and free.
VPN Technology
✓ Open source Projects
✓ Multi-factor authentication
▪ With the increasing reliance on technology, it is becoming more and more essential
to secure every aspect of online information and data.
▪ As the internet grows and computer networks become bigger, data integrity has
become one of the most important aspects for organizations to consider.
▪ Network security is one of the most important aspects to consider when working
over the internet, LAN or other method, no matter how small or big your business
is.
▪ While there is no network that is immune to attacks, a stable and efficient network
security system is essential to protecting client data.
▪ A good network security system helps a business reduce the risk of falling victim to data theft and protects its workstations from harmful spyware.
▪ Hackers are impersonating Zoom, Microsoft Teams, and Google Meet for phishing
scams.
▪ Both businesses and households should take the security of their networks seriously.
▪ Social engineering is the art of exploiting human psychology, rather than technical
hacking techniques, to gain access to buildings, systems or data.
▪ Social engineering, in the context of information security, is the psychological
manipulation of people into performing actions or divulging confidential
information.
▪ With a social engineering attack, the attacker compromises the network or system
through social interaction with an individual, through an e-mail message or phone
call, and tricks the individual into divulging information that can be used to
compromise security.
▪ The social engineer "impersonates" or plays the role of someone you are likely to
trust or obey convincingly enough to fool you into allowing access to your office, to
information, or to your information systems.
▪ Social engineering happens because of the human instinct of trust.
▪ Social engineering has proven to be a very successful way for a criminal to "get
inside" your organization.
▪ Criminals will often take weeks and months getting to know a place before even
coming in the door or making a phone call.
▪ Cybercriminals know that social engineering works best when focusing on human
emotion and risk.
▪ Cybercriminals have learned that a carefully worded email, voicemail, or text
message can convince people to transfer money, provide confidential information,
or download a file that installs malware on the company network.
▪ A hacker calls, impersonating the network administrator, and tries to trick the user into compromising security by asking the user to do things such as change their password or give away account information.
▪ The hacker may also ask the user questions about the general setup of the system.
Examples are described as follows:
Network Attacks
✓ Eavesdropping attack
✓ Hijack attack or Man-in-the-middle attack (MITM)
✓ Spoof attack
✓ Denial of service (DoS)
✓ Distributed denial of service (DDOS)
✓ Buffer overflow
✓ Exploit attack
✓ Password attack
Eavesdropping Attack
Note : This widely used type of attack typically involves the use of network
monitoring tools to analyze and read communications on the network.
▪ Alice "Hi Bob, it's Alice. Give me your key." → Mallory Bob
▪ Mallory relays this message to Bob; Bob cannot tell it is not really from
Alice:
▪ Alice Mallory "Hi Bob, it's Alice. Give me your key." → Bob
▪ Mallory replaces Bob's key with her own, and relays this to Alice, claiming
that it is Bob's key:
▪ Alice encrypts a message with what she believes to be Bob's key, thinking
that only Bob can read it:
▪ Alice "Meet me at the bus stop!" [encrypted with Mallory's key] → Mallory     Bob
▪ However, because it was actually encrypted with Mallory's key, Mallory can
decrypt it, read it, modify it (if desired), re-encrypt with Bob's key, and
forward it to Bob:
▪ Alice     Mallory "Meet me at the van down by the river!" [encrypted with Bob's key] → Bob
➢ Force HTTPS
Spoof Attack
Types of Spoofing
➢ Email Spoofing
➢ Caller ID Spoofing
➢ Website Spoofing
➢ IP Spoofing
➢ ARP Spoofing
➢ DNS Server Spoofing
▪ The DDoS attack will test the limits of a web server, network, and application
resources by sending spikes of fake traffic.
▪ DDoS attacks use an army of zombie devices called a botnet.
▪ These botnets generally consist of compromised IoT devices, websites, and
computers.
▪ When a DDoS attack is launched, the botnet will attack the target and deplete the
application resources.
▪ A successful DDoS attack can prevent users from accessing a website or slow it
down enough to increase bounce rate, resulting in financial losses and performance
issues.
▪ A buffer overflow occurs when the volume of data exceeds the storage capacity of
the memory buffer.
▪ Buffer overflows can affect all types of software. They typically result from
malformed inputs or failure to allocate enough space for the buffer.
▪ If the transaction overwrites executable code, it can cause the program to behave
unpredictably and generate incorrect results, memory access errors, or crashes.
▪ A buffer overflow attack is when the attacker sends more data to an application
than is expected.
▪ A buffer overflow attack usually results in the attacker gaining administrative
access to the system in a command prompt or shell.
▪ Attackers exploit buffer overflow issues by overwriting the memory of an
application.
▪ This changes the execution path of the program, triggering a response that
damages files or exposes private information.
▪ If attackers know the memory layout of a program, they can intentionally feed
input that the buffer cannot store, and overwrite areas that hold executable code,
replacing it with their own code.
▪ Stack-based buffer overflows are more common, and leverage stack memory that
only exists during the execution time of a function.
▪ Heap-based attacks are harder to carry out and involve flooding the memory space
allocated for a program beyond memory used for current runtime operations.
Exploit Attack
Password Attack
Firewall
▪ A firewall is a network security device that monitors incoming and outgoing
network traffic and permits or blocks data packets based on a set of security rules.
▪ Network firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets, and to keep out threats such as viruses and hackers.
▪ Firewalls can be implemented as both hardware and software, or a combination of
both.
▪ All messages entering or leaving the intranet pass through the firewall, which
examines each message and blocks those that do not meet the specified security
criteria.
Packet-Filtering Firewall
Stateful Firewall
▪ A stateful firewall is a firewall that monitors the full state of active network
connections.
▪ This means that stateful firewalls constantly analyze the complete context of the traffic and data packets seeking entry to a network, rather than judging discrete traffic and data packets in isolation.
▪ Stateless firewalls watch network traffic and restrict or block packets based on
source and destination addresses or other static values.
▪ By taking multiple factors into consideration before adding a type of connection to
an approved list, such as TCP stages, stateful firewalls are able to observe traffic
streams in their entirety.
Stateless Firewall
▪ A stateless firewall uses simple rule-sets that do not account for the possibility that
a packet might be received by the firewall 'pretending' to be something you asked
for.
▪ A stateless firewall filter, also known as an access control list (ACL), does not inspect traffic statefully.
▪ Stateless firewalls are basically ACLs.
▪ They contain rules about which traffic to allow or block depending on source IP, destination IP, port numbers, network protocols and other header fields.
▪ A stateless firewall filter enhances security through packet filtering.
▪ If match conditions are not met, unidentified or malicious packets will be blocked.
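The difference between the two firewall types above, as an added example (not code from the book): a stateless ACL judges each packet on its own header fields, while the stateful filter keeps a connection table and admits inbound packets only when they belong to a connection an inside host opened. The trace is constructed for the demo: a legitimate web fetch, then an unsolicited inbound packet that uses source port 80 to look like a web reply, which the ACL lets through and the stateful filter drops. Addresses and ports are made up.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str      # "out" = from the private network, "in" = from the Internet
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: frozenset    # TCP flag names

def stateless_filter(pkt):
    """ACL-style rules judged one packet at a time: permit everything
    outbound, permit inbound only when the source port is 80, which is the
    usual way a stateless ACL tries to let web replies back in."""
    if pkt.direction == "out":
        return "permit"
    if pkt.src_port == 80:
        return "permit"
    return "deny"

class StatefulFirewall:
    """Keeps a connection table; inbound packets are permitted only when they
    belong to a connection that an inside host opened with a SYN."""
    def __init__(self):
        self.connections = set()

    @staticmethod
    def _key(pkt):
        # normalise both directions to (inside ip, inside port, outside ip, outside port)
        if pkt.direction == "out":
            return (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        return (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)

    def filter(self, pkt):
        key = self._key(pkt)
        if pkt.direction == "out" and "SYN" in pkt.flags and "ACK" not in pkt.flags:
            self.connections.add(key)        # inside host initiates: record state
        if key not in self.connections:
            return "deny"                    # no state for this flow, in either direction
        if "RST" in pkt.flags or "FIN" in pkt.flags:
            # simplified teardown; real stacks track both FINs and time out idle entries
            self.connections.discard(key)
        return "permit"

# Constructed trace, not from the book: a legitimate web fetch followed by two
# unsolicited inbound packets, one of which uses source port 80 to look like a reply.
TRACE = [
    ("client SYN to web server",
     Packet("out", "10.0.0.5", 51000, "93.184.216.34", 80, frozenset({"SYN"}))),
    ("web server SYN-ACK reply",
     Packet("in", "93.184.216.34", 80, "10.0.0.5", 51000, frozenset({"SYN", "ACK"}))),
    ("unsolicited inbound with source port 80, to port 3389",
     Packet("in", "203.0.113.9", 80, "10.0.0.5", 3389, frozenset({"SYN"}))),
    ("unsolicited inbound to port 445",
     Packet("in", "203.0.113.9", 4444, "10.0.0.5", 445, frozenset({"SYN"}))),
]

def compare_firewalls(trace=TRACE):
    """Return [(label, stateless decision, stateful decision), ...]."""
    fw = StatefulFirewall()
    return [(label, stateless_filter(p), fw.filter(p)) for label, p in trace]

if __name__ == "__main__":
    for label, stateless, stateful in compare_firewalls():
        print(f"{label:55} stateless={stateless:6} stateful={stateful}")
```

The third packet is the point of the exercise: the ACL has no way to know that nobody inside asked for it, whereas the connection table does. Production stateful firewalls also check sequence numbers and apply idle timeouts, which this sketch leaves out.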
Caching Server
▪ A cache server is a server used to speed corporate access to Web content on the Internet by caching the Web pages that users most frequently request.
▪ A cache server is a dedicated network server, or a service acting as a server, that saves Web pages or other Internet content locally.
▪ By placing previously requested information in temporary storage, or cache, a
cache server both speeds up access to data and reduces demand on an
enterprise's bandwidth.
▪ On the Internet, content filtering is the use of a program to screen and exclude
from access or availability Web pages or e-mail that is deemed objectionable.
▪ Content filtering is used by corporations as part of Internet firewall computers and
also by home computer owners, especially by parents to screen the content their
children have access to from a computer.
▪ Content filtering allows you to filter what information users are allowed to see
when using an application.
▪ For example, we may allow web traffic out of the private network onto the Internet
but we want to make sure that users on the network are not surfing inappropriate
content.
▪ For example, we may deny any web pages with the word “sex” in them.
▪ Many different types of data encryption are available with each methodology,
providing advantages and varying levels of security.
▪ To date, there are a number of complex encryption standards that have not yet
been broken, along with other standards that use simple encryption methods and
have been cracked but can still provide a level of security if used appropriately.
▪ Encryption is the method by which information is converted into secret code that
hides the information's true meaning.
▪ The science of encrypting and decrypting information is called cryptography.
▪ Encryption is the process of taking plain text data and converting it to a
meaningless format that is unreadable, better known as cipher text.
▪ Once the data has been transformed into cipher text, anyone wishing to decrypt
the content would need to know the encryption key to convert the data back to
plain text.
▪ The encryption key is passed through an encryption algorithm to encrypt the
contents of the data.
There are a limited number of encryption algorithms, so if a hacker knows the
algorithm, that is not considered a security issue, but if a hacker obtains the
encryption key, that is a compromise of network security.
Types of Encryption
▪ Block Algorithms
➢ Set lengths of bits are encrypted in blocks of electronic data with the use of a
specific secret key.
➢ As the data is being encrypted, the system holds the data in its memory as it
waits for complete blocks.
▪ Stream Algorithms
➢ Data is encrypted as it streams instead of being retained in the system’s
memory.
Asymmetric Encryption
▪ Secure Sockets Layer (SSL) is a session-layer protocol that encrypts data sent from
any higher-layer program such as FTP, HTTP, SMTP, and so on.
▪ SSL has become the standard method of encrypting traffic between a web client
and a web server, ensuring that malicious users cannot capture such traffic and
read it.
▪ SSL works only over a reliable (guaranteed) transport, in practice anything that uses the TCP
protocol, and is made up of two protocols:
❖ SSL Handshake and
❖ SSL Record.
▪ SSL Handshake is used to create a secure session between the two systems that
are communicating.
▪ This includes all methods and parameters used for the encryption.
▪ SSL Record is used to encrypt all data packets, including the SSL Handshake data
packets.
▪ SSL is mainly used on e-commerce web sites during the exchange of personal
information such as credit card numbers, because SSL can encrypt the traffic
between the client and the server.
IaaS
○ Services that can be available as part of cloud computing include
"Infrastructure as a service" (IaaS), where the company rents virtualized
servers (which are hosted by a service provider) and then runs specific
applications on those servers. Also called "Network as a Service" (NaaS).
SaaS
○ Another type of cloud service is "Software as a service", SaaS, where the
details of the servers are hidden from the customer and the customer’s
experience is similar to using a web-based application.
○ An application service provider (ASP) provides application software access to
subscribers. This service is sometimes called software as a service (SaaS).
PaaS
○ Another cloud service is called platform as a service, PaaS, which can provide a
development platform for companies that are developing applications and want
to focus on creating the software and not have to worry about the servers and
infrastructure that are being used for that development.
Community Cloud
○ Another type of cloud is the community cloud, which is a term referring to
cloud services used by individuals, companies or entities with similar interests.
Virtual Servers
NaaS
• Network as a Service
• If a service provider’s customer did not want to house and maintain his own data
center, these virtualization technologies could be located at a service provider’s
data center, and the customer could be billed based on usage patterns. Such a
service provider offering is called network as a service (NaaS), implying that
network features can be provided by a service provider.
Repeater
○ Extender
○ Layer 1 Device
○ Only 2 Interfaces
○ Using extra voltage, a Repeater regenerates the signal from one side to the other.
○ A Hub uses a "Broadcasting Method" that duplicates the signal arriving on one port (0,1,1,0) to all
other ports. (This Data Broadcasting Method can cause Bottlenecks)
○ A Hub uses an "Integrated Circuit" to regenerate signals.
○ Half Duplex Device (10 Mbps to 100 Mbps) (1 Share per - 1 Speed)
○ Because it is a Half Duplex Device, a Hub can't separate Collision Domains and Broadcast
Domains.
○ Types of Hubs
▪ Passive Hub
□ Small Hub
□ No Power (DC 5 Volts from NIC)
□ Having no power source limits it to short distance connections.
□ 4 Ports to Max 8 Ports
□ Without Fan
□ Can't be used in a daisy-chained multiple-hub network.
Active Hub
▪ Enterprise Hub
▪ With Power (DC 12 Volts from Outlet)
▪ Uses the input DC to regenerate signals, so an Active Hub is also called a
Multiport Repeater.
▪ Active Hubs support long distance connections.
▪ Min 12 Ports to 24 Ports
▪ With Fan
▪ Can be used in a daisy-chained multiple-hub network.
Smart Hub
▪ A Smart Hub is also an active hub, with an enhanced management feature:
"Simple Network Management Protocol (SNMP)".
Cascading Hubs
○ Cascading Hubs Hubs
○ Hubs
1. Cross Over Cable Hub Hub
(Hub Connection Half duplex
)
Uplink Port
○ Uplink Port Hub
○ MAU Types 2
1. Passive MAU (No Power , 12Volts Battery)
2. Active MAU (With Power)
○ Bridge
○ Bridge OSI Layer 2 (Data Link Layer)
○ Bridge Same Large Network (Hubs )
( Bridging )
(Network Segments Network Devices
Network Collisions )
( Collisions Bridge )
○ Half Duplex
○ Normally a Switch is a "Layer 2 Device", but some switches are "Layer 3 Devices" or "Multi
Layer Devices"
○ "Physical Star" , "Logical Ring"
○ Switches work with a "Switching Method" that delivers each frame to one specific location (port).
○ A Switch uses its "MAC Table or CAM Table" to decide where to send the frame.
○ A Switch has 4 or More Ports. (Enterprise switches have 48 Ports)
○ Full Duplex Device (100Mbps or More)
○ A Switch uses CSMA/CD in Half Duplex Mode to deal with collisions in each Collision Domain (a Switch port in Full
Duplex Mode can't cause Collisions, so CSMA/CD is not used) and also uses the
"Spanning Tree Protocol" for Loop Avoidance.
○ Switch Features are
▪ Port Mirroring
▪ Port Authentication
▪ Content Switching (Must be Content Switch)
▪ VLAN
▪ Trunking
○ Small and Medium Brands (D-Link , C-Net , TP-Link , Trendnet , Belkin , Netgear)
○ Enterprise Brands (Cisco , MikroTik , Juniper , HP)
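The MAC (CAM) table behaviour described above, as an added example that is not part of the textbook: the switch learns each source MAC on its ingress port, sends known unicast to exactly one port, and floods unknown unicast and broadcast everywhere else. Port numbers, MAC addresses and the table capacity are constructed values.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    """Layer 2 switch: learns source MACs per port, forwards by MAC (CAM) table."""

    def __init__(self, ports, table_size=8):
        self.ports = list(ports)
        self.table_size = table_size   # a real CAM table has a fixed capacity (constructed here)
        self.mac_table = {}            # MAC address -> port it was last seen on

    def learn(self, src_mac, in_port):
        # Learning: record (or refresh) the port on which this source MAC arrived.
        # A full table cannot learn new addresses, so frames to those hosts keep flooding.
        if src_mac in self.mac_table or len(self.mac_table) < self.table_size:
            self.mac_table[src_mac] = in_port

    def forward(self, in_port, src_mac, dst_mac):
        """Return the list of egress ports for one frame arriving on in_port."""
        if in_port not in self.ports:
            raise ValueError("frame arrived on unknown port %r" % in_port)
        self.learn(src_mac, in_port)
        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast or unknown unicast: flood out every port except the ingress port.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination is on the same segment as the sender: filter, do not forward.
            return []
        return [out_port]   # known unicast: one specific port only
```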
○ "Layer 3 Device"
○ Inside is "Peer to Peer" or "Star Topology"
○ Interconnecting Different LANs
○ A Router performs the "Routing Function", forwarding packets from one network to another.
○ A Router forwards packets by using its "Routing Table"
○ The Router must have at least 2 Interfaces. One for LAN1 another for LAN2.
○ Full Duplex Device (100 Mbps or 1Gbps to More)
○ Two Types of Route
▪ Static Route
▪ Dynamic Route
○ Popular Routing Protocols used by Routers are RIP , RIPv4 , EIGRP , OSPF , BGP , etc..
○ The Routing Function can be provided by a Server or by an Integrated Device.
○ Microsoft "Routing and Remote Access Server"
○ Linux "Static Route" or "Proxy Server"
○ Small and Medium Brands (D-Link , Linksys , TP-Link , Trendnet , Belkin , Netgear)
○ Enterprise Brands (Cisco , Juniper , MikroTik , HP)
○ A Brouter operates at both the network layer for routable protocols and at the data link
layer for non-routable protocols.
○ A Brouter routes (forwards) routable protocols and bridges non-routable
protocols.
○ A hardware load-balancing device (HLD), also known as a Layer 4 or Layer 7 Router, directs
client requests to multiple servers in a network.
○ A load balancer acts as the “traffic cop” sitting in front of your servers and routing client
requests across all servers capable of fulfilling those requests in a manner that maximizes
speed and capacity utilization and ensures that no one server is overworked, which could
degrade performance.
○ If a single server goes down, the load balancer redirects traffic to the remaining online
servers.
○ Typical Load Balancer functions are
▪ Distributes client requests or network load efficiently across multiple servers
▪ Ensures high availability and reliability by sending requests only to servers that
are online
▪ Provides the flexibility to add or subtract servers as demand dictates
○ Small Environment Load Balancer brands are TP-Link , D-Link Load Balancer , etc..
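The three load balancer functions listed above, as an added example that is not from the textbook: round-robin distribution, a health check so that only online servers receive requests, and adding or removing servers on demand. The server names and the probe callback are constructed stand-ins for real backends and a real TCP/HTTP probe.

```python
from dataclasses import dataclass, field


@dataclass
class Backend:
    name: str
    online: bool = True
    served: int = 0          # requests handed to this server so far


@dataclass
class LoadBalancer:
    backends: list = field(default_factory=list)
    cursor: int = 0          # round-robin position

    def add(self, name):
        """Add capacity as demand grows."""
        self.backends.append(Backend(name))

    def remove(self, name):
        """Take a server out of the pool (e.g. for maintenance)."""
        self.backends = [b for b in self.backends if b.name != name]

    def health_check(self, probe):
        """probe(name) -> bool stands in for a real TCP/HTTP health probe (constructed)."""
        for b in self.backends:
            b.online = probe(b.name)

    def pick(self):
        """Choose the next online server, round-robin; None if every server is down."""
        online = [b for b in self.backends if b.online]
        if not online:
            return None
        chosen = online[self.cursor % len(online)]
        self.cursor += 1
        chosen.served += 1
        return chosen.name

    def route(self, requests):
        """Route a burst of requests; returns the chosen server for each one."""
        return [self.pick() for _ in range(requests)]

    def load(self):
        """Per-server request counts, to check that no single server is overworked."""
        return {b.name: b.served for b in self.backends}
```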
DSU
○ Data Service Unit
○ DSU
1. WAN Line (T1 Line) Connection Control
2. WAN Line (T1 Line) Time-Division Multiplexed (TDM) DSX Frames
LAN Frames
3. Additional DSU Signal Regeneration Timing Errors
Management
NIC
○ Network Interface Card or Network Interface Controller
○ A NIC is mostly a Layer 1 Device, but a NIC also provides Data Link Layer Addressing (MAC Addressing),
so a NIC can also be a Layer 2 Device. Every NIC has one "MAC Address"
○ NIC can be
▪ Integrated (Onboard) or
▪ Dedicated, Expansion Card (ISA or PCI or PCIe) or
▪ Adapter (USB or Serial)
NIC Speeds
○ Speed (10 Mbps, 100 Mbps, 1Gbps, 10Gbps, 20Gbps, 160Gbps)
○ NIC Port LEDs : the Left Side LED is Green and the Right Side LED is Amber
▪ Green LED (Link)
□ Off : No Connection
□ Solid Green : Network Connectivity
▪ Amber LED (Activity)
□ Off : No Problem
□ Solid : Indicates Network Congestion / Collisions
□ Flashing : Network Traffic
Types of Transceiver
○ IEEE 802.3 Interfaces (10Base2 , 10Base5) used MAU Transceivers (Old Networks)
○ Fiber-Optic (Gigabit Ethernet) uses "Fiber Transceivers"
▪ GBIC
▪ SFP
▪ SFP+
▪ XAUI
▪ CFP
Fiber Transceiver
○ Layer 1 Device
○ Fiber Transceivers are Hot Swappable Interface modules plugged into a Device
○ They convert a Device Interface into a Fiber Interface
○ Converter Types
▪ BNC (Coaxial) to RJ45 (Twisted Pair)
▪ Serial to RJ45 (Twisted Pair)
▪ RJ45 (Twisted Pair) to Fiber (Optical)
▪ Fiber Single Mode to Multi Mode
Code Brief
Pins Signal (Volts) Ethernet Type (Both Cable and NIC Ports)
NC Not Connected
Crossover Cable
○ Twisted Pair Cable Connector 568A 568B
Crossover Cable
○ (1 to 3) , (2 to 6) , (3 to 1) , (4 to 4) , (5 to 5) , (6 to 2) , (7 to 7) , (8 to 8)
Category | Cable Type | Speed | Ethernet Type | Max Distance
Cat 5 | UTP | 100 Mbps & 1Gbps | 100BaseT & 1000BaseT | 100 Meters
Cat 5e | UTP | 100 Mbps & 1Gbps | 100BaseT & 1000BaseT | 100 Meters (Enhanced Edition)
Cat 6 | UTP | 10Gbps (within 55 Meters) , 1Gbps (over 55 Meters) | 10GBaseT | 55 Meters and 100 Meters
Cat 6a | U/FTP , F/UTP | 10Gbps (within 100 Meters) | 10GBaseT | 100 Meters (More Shield)
Cat 7 | F/FTP , S/FTP | 10Gbps (within 100 Meters) | 10GBaseT | 100 Meters (Full Shield)
Cat 7a | F/FTP , S/FTP | 10Gbps (within 100 Meters) | 10GBaseT | 100 Meters
Ethernet Types
Ethernet Boots RJ-45 Modular Jack (Wall Outlet or Wall Jack) Cable Tester
❖ IDF
▪ Intermediate Distribution Frames
▪ MDF Connection IDF Connect
▪ IDF Workstations Connect
❖ VCC Cable
▪ MDF IDF Connect Cables Vertical Cross-Connect (VCC)
Cable
1. Plenum Cable
○ Plenum Cables Toxin
2. Non-plenum Cable
○ Non-plenum Cables Plenum Toxin
(PVC) Cable
1. Run as Administrator
cmd>Run as Administrator
3. Interface Renaming
netsh -c interface dump > c:\netbackup.txt (Export)
netsh -f c:\netbackup.txt (Import)
OR
netsh interface dump > C:\netcfg.dat (Export)
netsh exec C:\netcfg.dat (Import)
arp -a
Nature of Light
Light Reflection
○ (Light) Light
Reflection Process
Light Refraction
○ (Light) (Medium)
Light Refraction
○
1. Speed Reduction Speed
2.
○ (Medium)
○ Data Data
Optical Speed (Bandwidth) Wave-Length
Numerical Aperture
○ Numerical Aperture Fiber Optic Cable Optical Spectrums (Light Rays)
○ The Higher the Core Area , the Higher the Numerical Aperture and the more
Bandwidth.
2.Light-Emitting-Diode (LED)
○ Use in Multi Mode Fiber.
○ LEDs Minimum Band ( ) Slow bit rate
1.Core Area
○ ( )
○ Core Portion Light Optical Signals
2.Cladding Area
○ ( )
○ Cladding Core Area Glass Area
○ Optical Cable Core Area Light (Optical Signals)
Cladding Area Reflection Surface Refraction
Balance Interface
○ Cladding Area Reflection Area
3.Protective Jacket
○ Protective Jacket Optical Cable Core Area Cladding Area
Glass Cable External Damage
63.5 / 125 µm
○ Fiber Connectors
▪ BICONIC
▪ ST
▪ SC
▪ FC
▪ LC
▪ MTRJ
▪ Opti-Jack
▪ VF
▪ LX-5
▪ MU
▪ MPO
▪ MTP
▪ FDDI
▪ ESCON
BICONIC
○ The BICONIC has a yellow body, indicating a Single Mode (SM) version.
○ First fiber connector.
○ Single Mode Fiber.
○ BICONIC is covered in the TIA connector standard FOCIS-1 (TIA-604-1).
SC
○ Subscriber Connector or Square Connector
○ 2.5 mm , Snap (push-pull) Coupling type.
○ Used in Datacom & Telecom , GPON , EPON , GBIC
○ Commonly used as Single Mode Fiber.
○ SC is widely used for its excellent performance.
○ SC was twice as expensive as an ST.
○ SC is covered in the TIA connector standard FOCIS-3 (TIA-604-3).
LC
○ Lucent Connector or Little Connector or Local Connector
○ 1.25 mm , Snap (push-pull) Coupling type.
○ High-density connections, (Transceiver in SFP , SFP+ , XFP ).
○ Good performance, highly favored for Single mode.
○ LC is covered in the TIA connector standard FOCIS-10 (TIA-604-10).
Opti-Jack (OJ)
○ Opti-Jack is two ST-type ferrules in a package the size of a RJ-45.
○ 2.5 mm , Snap (push-pull) Coupling type.
○ Used in Datacom.
○ OJ can be Single Mode or Multi Mode.
○ Opti-Jack has male and female versions.
○ Opti-Jack is covered in the TIA connector standard FOCIS-6 (TIA-604-6).
LX-5
○ Lucxis
○ 1.25 mm , Snap (push-pull) Coupling type.
○ Used in High-density connections.
○ Used as Single Mode Fiber.
○ LX-5 is like a LC but with a shutter over the end of the fiber.
○ LX-5 is covered in the TIA connector standard FOCIS-13 (TIA-604-13).
MPO or (MTP)
○ MPO means multi-position optical.
○ MPO connector is sometimes called a MTP which is a commercial name.
○ MPO is a 12 fiber connector for ribbon cable.
○ 12 Connectors are 2.5 mm , Bayonet Coupling type.
○ MPO is used for preterminated cable assemblies and cabling systems.
○ MPO is a 12 fiber MT broken out into 12 STs.
○ MPO is covered in the TIA connector standard FOCIS-5 (TIA-604-5).
ESCON
○ ESCON is SC Duplex, so also called SC Duplex Connector.
○ ESCON also uses 2.5 mm ferrules.
○ Single Mode Fiber.
○ ESCON is used to connect to a wall outlet.
○ ESCON is an IBM trademark and also seen in IBM Networks.
• Some WAN connections are 'always on' , some are 'On demand' meaning that the
connection is not established until needed.
• Some WAN connections provide multiple users 'Share Bandwidth' , some are
'Dedicated Bandwidth' and some are 'Share a Common Pool of available Bandwidth'.
• Based on these facts, WAN connections can be classified into three categories:
Dedicated Leased Line
Circuit-Switched Connection
Packet-Switched Connection
• Similar to a dedicated leased line because most packet-switched networks are always
on.
• Unlike a dedicated leased line, packet-switched connections allow multiple customers
to share a service provider’s bandwidth.
• Even though bandwidth is being shared among customers, customers can purchase a
service-level agreement (SLA), which specifies performance metrics (for example,
available bandwidth and maximum delay) guaranteed for a certain percentage of
time.
• An SLA might guarantee a customer that he has a minimum of 5 Mbps of bandwidth
available 80 percent of the time.
• Frame Relay is an example of a packet-switched connection.
• Frame Relay network allows multiple customers to connect to a service provider’s
network, and virtual circuits (VCs) logically interconnect customer sites.
• Asynchronous Transfer Mode (ATM) is often categorized as a packet-switched
connection.
• However, to be technically accurate, ATM is a cell-switched connection because ATM
uses fixed-length (that is, 53 byte) cells, as opposed to variable-length frames.
• LAN links are typically faster than WAN links; however, some WAN technologies (for
example, Synchronous Optical Network [SONET]) boast a bandwidth capacity in the
tens of gigabits per second (Gbps).
• Aside from measuring bandwidth in kilobits per second (Kbps), megabits per second
(Mbps), or gigabits per second (Gbps), high-speed optical networks often use optical
carrier (OC) levels to indicate bandwidth.
OC levels are simply multiples of an OC-1. For example, an OC-3 link has three times
the bandwidth of an OC-1 link (that is, 3 * 51.84 Mbps = 155.52 Mbps).
T Carriers
○ Transmission System 1 (T-1), was introduced in 1962 in the Bell System, and could
transmit up to 24 telephone calls simultaneously over a single transmission line of
copper wire.
○ T-1 is a hardware specification for telecommunications trunking. A trunk is a single
transmission channel between two points on the network: each point is either a
switching center or a node (such as a telephone).
▪ The Nyquist theorem requires 8,000 samples to be sent per second for a voice
conversation (that is, a rate at least twice the highest frequency of 4000 Hz).
▪ Total bandwidth = 193-bit frames * 8,000 samples per second = 1.544 Mbps.
• In a T1 environment, more than one frame is sent at once. Two popular approaches to
grouping these frames are the following:
▪ Super Frame (SF): Combines 12 standard 193-bit frames into a super frame.
E1
• An E1 circuit contains 32 channels, in contrast to the 24 channels on a T1 circuit.
Only 30 of those 32 channels, however, can transmit data (or voice or video).
• Specifically, the first of those 32 channels is reserved for framing and synchronization,
and the seventeenth channel is reserved for signaling (that is, setting up, maintaining, and
tearing down a call).
• Because an E1 circuit has more DS0s than a T1, it has a higher bandwidth capacity.
• Specifically, an E1 has a bandwidth capacity of 2.048 Mbps (8000 samples per
second as required by the Nyquist theorem * 8 bits per sample * 32 channels =
2,048,000 bits per second)
• Unlike a T1 circuit, an E1 circuit does not group frames in an SF or an ESF.
Rather, an E1 circuit groups 16 frames in a multiframe.
• E1 circuits are popular outside of North America and Japan.
E3
• Just as a T3 circuit provides more bandwidth than a T1 circuit, an E3 circuit’s available
bandwidth of 34.4 Mbps is significantly more than the 2.048 Mbps of bandwidth offered
by an E1 circuit.
• A common misconception is that the bandwidth of an E3 is greater than the bandwidth of
a T3 because an E1’s bandwidth was greater than a T1’s bandwidth.
• However, that is not the case, with a T3 having a greater bandwidth (that is, 44.7 Mbps)
than an E3 (that is, 34.4 Mbps).
○ A MAN based on Ethernet standards that can connect a customer to a larger network and
the Internet, also called Ethernet as a WAN Technology. (Private WAN)
○ Metro Ethernet service uses Ethernet physical links to connect the customer's device to the
service provider's device.
○ The limitation of Ethernet is that it does not use Twisted Pair Cable for this connection (standard Ethernet
cabling supports only 1 kilometer or 2 kilometers, i.e. only a Campus LAN); it uses only fiber optic cable
connections.
○ IEEE improved the Ethernet Standards into a reasonable WAN Technology: 1000 BASE-LX (Single Mode
Fiber Cable / Up to 5 km) and 1000 BASE-ZX (Single Mode Fiber Cable / Up to 70 km).
○ Company Sites are connected to each other using Fiber Connections. To connect to the Internet, the MAN
needs a service provider.
○ Businesses can use Metro Ethernet to connect their own offices together, which is
another very cost-effective connection option.
○ Metro Ethernet uses Ethernet Emulation / EoMPLS (Ethernet over MPLS) for layer 2
transmission.
○ MPLS-based Metro Ethernet networks use MPLS in the ISP by providing an Ethernet or fiber
cable to the customer as a connection.
• An Enterprise (Company) must choose between several possible variations of MetroE services.
• Those variations use different topologies that meet different customer needs.
• MEF (Metro Ethernet Forum) (http://www.mef.net) defines the standards for Metro Ethernet,
including the specifications for different kinds of MetroE services.
• The Ethernet Line Service (E-Line) is the simplest of the Metro Ethernet Services.
• The customer connects two sites with access links. Then the MetroE service allows the two
customer devices to send Ethernet frames to each other.
• The MetroE specifications define the concept of an Ethernet Virtual Connection (EVC), which defines how
customer devices can communicate with each other by using a single link instead of multiple links.
• For example, in a common Enterprise WAN Topology with 1 Central Site and 100 Remote Sites, the
Central Site Router needs only 1 interface for those 100 Remote Sites by using 802.1Q trunking
with a different VLAN ID for each site.
• The people who created MetroE anticipated the need for designs that allow a full mesh, allowing
all devices to send directly to every other device like an Ethernet LAN. That kind of service is called
an E-LAN (Ethernet LAN Service).
• One EVC connects to four customer sites, creating one E-LAN. They would also all be in the
same Layer 3 subnet on WAN.
• Ethernet Tree Service (E-Tree) creates a WAN topology in which the central site device (E-Tree
Root) can send Ethernet frames directly to each remote sites (E-Tree Leaves), but the remote
sites can send only to the central site.
• On E-LAN Service, all are connected in the same VLAN and same subnet.
• The MPLS label is a fixed 4 byte identifier added to the packet by the ingress router between
the data-link layer (Layer 2) and the network layer (Layer 3) and is used by all middle routers to
switch the packet to its destination without the need for any routing table (Layer 3) look-ups.
• MPLS is considered a layer 2.5 technology and the MPLS header is called the shim header.
• One or more labels are pushed on the packet at the ingress router forming a label stack.
• The first label is called the top label or the transport label, other labels are used by different
MPLS applications if needed.
1. CPE
2. ELSR
3. LSR
1.CPE
○ Customer Premise Equipment
○ CPE Customer Site Device MPLS Cloud Connect Device
2.ELSR
○ Edge Label Switch Router
○ ELSR is also known as PE (Provider Edge Router)
○ MPLS Cloud Edge( ) Device
○ The ELSR receives IP Packets from the CPE Router, inserts a 32-bit Shim Header (Label) between the
Layer 2 Header and the Layer 3 Header, and forwards the packets into the MPLS Cloud.
○ The Label (Shim Header) therefore sits in the packet between the Layer 2 Header and the Layer 3 Header.
3.LSR
○ Label Switch Router
○ LSR is also known as P (Provider Router)
○ An LSR is a Device inside the MPLS Cloud that forwards packets within the Cloud using only the
Label (Shim Header).
○ Of the 32-bit Shim Header, the 20-bit Label field is the address used for forwarding.
○ Traffic Management: LSR Routers forward packets based on the Label (Shim Header), not on the
IP header.
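The label stack described above, as an added example that is not from the textbook: the ingress ELSR pushes shim headers in front of the IP packet, and a core LSR swaps or pops only the top (transport) label without ever looking at the IP header, so any filtering of customer traffic has to happen at the edge. The 32-bit shim layout (20-bit label, 3-bit traffic class, 1-bit bottom-of-stack, 8-bit TTL) is the RFC 3032 encoding; the label values, the LFIB and the IP packet bytes are constructed.

```python
import struct


def encode_label(label, tc=0, bottom=False, ttl=64):
    """Pack one 32-bit shim header; the label must fit in 20 bits."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label must be a 20-bit value")
    word = (label << 12) | ((tc & 0x7) << 9) | (int(bottom) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)


def push_stack(ip_packet, labels, ttl=64):
    """Ingress ELSR: push labels (top/transport label first) in front of the Layer 3 header."""
    stack = b"".join(
        encode_label(lbl, bottom=(i == len(labels) - 1), ttl=ttl)
        for i, lbl in enumerate(labels)
    )
    return stack + ip_packet


def parse_stack(payload):
    """Read shim headers until the bottom-of-stack bit is set; return (stack, ip_packet)."""
    stack, offset = [], 0
    while offset + 4 <= len(payload):
        (word,) = struct.unpack_from("!I", payload, offset)
        offset += 4
        entry = {"label": word >> 12, "tc": (word >> 9) & 0x7,
                 "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}
        stack.append(entry)
        if entry["bottom"]:
            return stack, payload[offset:]
    raise ValueError("label stack never reaches bottom of stack")


def lsr_forward(payload, lfib):
    """Core LSR: look up only the top label in the LFIB, swap it (or pop it at the
    penultimate hop), decrement TTL, and never touch the IP header underneath.
    lfib maps incoming label -> (outgoing label or None for pop, next hop name)."""
    stack, ip_packet = parse_stack(payload)
    top = stack[0]
    if top["ttl"] <= 1:
        raise ValueError("TTL expired; packet dropped")
    if top["label"] not in lfib:
        # No label binding: the LSR drops the packet; it does not fall back to an IP route lookup.
        raise KeyError("no LFIB entry for label %d" % top["label"])
    out_label, next_hop = lfib[top["label"]]
    if out_label is None:
        new_stack = stack[1:]                                                   # pop
    else:
        new_stack = [dict(top, label=out_label, ttl=top["ttl"] - 1)] + stack[1:]  # swap
    rebuilt = b"".join(encode_label(h["label"], h["tc"], h["bottom"], h["ttl"]) for h in new_stack)
    return next_hop, rebuilt + ip_packet
```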
○ The DSLAM splits out the data over to the router on the lower right, which completes the
connection to the Internet. The DSLAM also splits out the voice signals over to the voice switch
on the upper right.
DSL Types
1. Symmetrical DSL
(Upstream speed and Downstream speed are equal; the SDSL
Service Distance for High Speed Bandwidth is 12,000 feet
)
2. Asymmetrical DSL
(Upstream Speed is lower than Downstream Speed; the ADSL
Service Distance for High Speed Bandwidth is 18,000 feet )
Types of DSL
○ DSL
Very High Bit-Rate DSL (VDSL) • VDSL Large Office Environment Backup Line
○ ATM is Layer 2 Protocol (Data Link Layer Protocol) Layer 1 DSL Line ATM
Load Coil
○ DSL Modem DSLAM Device Phone Line Maximum 18,000 feet
18,000 feet Load Coil
○ Voice Systems 3rd and 4th Generation cellular phone technology that can transmit and receive
data.
○ Smart Phone Tablet GSM Network Data
Carry
○ G Generation International Telecommunication Union , Radiocommunication
Sector (ITU-R) Standard Connections
○ 4G GSM (Cellular) Network Data Technology LTE (Long-Term Evolution)
LTE 4G Network Technology 3.9 G Network
○ Cisco Devices Serial Interfaces Serial Link Default Encapsulation Protocol HDLC
( HDLC Protocol Cisco HDLC Version Industry Version HDLC
Protocol )
ISO Standard HDLC Protocol Cisco HDLC Protocol HDLC Protocol Carry
Layer 3 (Network Layer) Protocols
Router(config)#int s0/0/0
Router(config-if)#ip add 192.168.2.1 255.255.255.0
Router(config-if)#no shutdown (If necessary, default is up for serial)
Router(config-if)#description Link to R2
○ PPP
▪ Authentication
▪ Compression
▪ Error Checking
▪ Error Correction
▪ Logical Multilink Interface Functions Support
1. Authentication Option
(Authentication Options PAP CHAP Tasks
Option )
2. Compression Option
(Compression Option PPP Packets Payload
(Data) Compression PPP Connection Loading
Payload Encryption
Decryption )
4. Multilink Option
(IOS Version 11.1 Cisco Routers PPP Multilink
Options Support Two Separate Physical Paths
One Logical PPP Link Function 1.5
Mbps T1 Lines 2 Layer 3 Routing Protocols Single
3 Mbps Link
○ PPPoE keeps all the useful PPP features such as multiple protocol support, CHAP
Authentication, etc..
○ It gives you a lot of the familiar PPP features like authentication, encryption, and
compression, but there is a downside: it has a lower maximum transmission unit (MTU)
than standard Ethernet does.
○ It is usually used in conjunction with xDSL services. DSL connections use a variant of
PPP called PPPoE.
○ It’s often used by many hosts on a shared Ethernet interface for opening PPP sessions to
various destinations via at least one bridging modem.
• PPPoE operates at Layer 2 and uses tunneling to create a point-to-point link between clients and a
server.
• When the connection starts, the PPPoE Client (Router) creates a session to the PPPoE Server (ISP Router) by
dialing a specific server with a Username and Password. (That is why a Dialer Interface is needed!)
• On success, PPPoE logically creates a tunnel between the PPPoE Client and Server called a PPPoE
Session (with a Session ID), which encapsulates the PPP traffic.
• In PPPoE, clients can only get IP Addresses from the PPPoE server after the PPP tunnel is successfully
created. That is why the ISP can manage IP addresses and track usage to individual user accounts.
PPPoE uses an extra 8 Bytes (32 bits) to define the PPPoE Header, so the MTU size of the PPPoE exit interface
must be changed to 1492.
• A device supports multiple PPPoE sessions on each interface, but no more than 256 PPPoE
sessions per device.
• Each PPPoE session is uniquely identified by the Ethernet address of the peer and the session
ID.
• When a host wishes to initiate a PPPoE session, it must perform Discovery to identify the
Ethernet MAC Address of peer and establish a PPPoE Session_ID.
To accept the session, the access concentrator sends the client a PADS packet
with a unique session ID for a PPPoE session and a service name that identifies
the service under which it accepts the session.
To reject the session, the access concentrator sends the client a PADS packet
with a service name error and resets the session ID to zero.
• The access concentrator can start the PPPoE session after it sends a PADS packet to the client, or
the client can start the PPPoE session after it receives a PADS packet from the access
concentrator.
• In the Session Stage, PPP LCP options such as Authentication are negotiated.
• After a session is established, the client or the access concentrator can send a PPPoE Active
Discovery Termination (PADT) packet anytime to terminate the session.
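The discovery exchange described above (PADS accept with a fresh non-zero session ID, PADS reject with a Service-Name-Error and session ID zero, PADT termination, the 256-session limit and the 1492 MTU), as an added example that is not from the textbook. The packet framing and tag codes follow RFC 2516; the peer MAC address, service names and the access concentrator logic are constructed for illustration.

```python
import struct

# Discovery stage CODE values (RFC 2516); PADS accepts or rejects, PADT terminates.
PADI, PADO, PADR, PADS, PADT = 0x09, 0x07, 0x19, 0x65, 0xA7
TAG_SERVICE_NAME, TAG_SERVICE_NAME_ERROR = 0x0101, 0x0201
PPPOE_OVERHEAD = 8                 # 6-byte PPPoE header + 2-byte PPP protocol field
PPPOE_MTU = 1500 - PPPOE_OVERHEAD  # 1492, the value the text says to configure
MAX_SESSIONS_PER_DEVICE = 256


def build(code, session_id, tags):
    """Encode a PPPoE discovery packet: VER=1, TYPE=1, CODE, SESSION_ID, LENGTH, then TLV tags."""
    payload = b"".join(struct.pack("!HH", t, len(v)) + v for t, v in tags)
    return struct.pack("!BBHH", 0x11, code, session_id, len(payload)) + payload


def parse(packet):
    """Decode a PPPoE packet into (code, session_id, tags); rejects bad version/type or length."""
    if len(packet) < 6:
        raise ValueError("packet shorter than the 6-byte PPPoE header")
    ver_type, code, session_id, length = struct.unpack_from("!BBHH", packet, 0)
    if ver_type != 0x11 or len(packet) < 6 + length:
        raise ValueError("not a well-formed PPPoE version 1 packet")
    tags, off = [], 6
    while off < 6 + length:
        t, l = struct.unpack_from("!HH", packet, off)
        if off + 4 + l > 6 + length:
            raise ValueError("tag runs past the declared payload length")
        tags.append((t, packet[off + 4:off + 4 + l]))
        off += 4 + l
    return code, session_id, tags


class AccessConcentrator:
    """ISP-side PPPoE server: issues session IDs and tracks sessions per (peer MAC, ID)."""

    def __init__(self, services):
        self.services = set(services)
        self.sessions = {}      # (peer_mac, session_id) -> service name
        self.next_id = 1        # session ID 0 is reserved for the discovery stage

    def handle_padr(self, peer_mac, packet):
        code, session_id, tags = parse(packet)
        if code != PADR or session_id != 0:
            raise ValueError("PADR must carry code 0x19 and session ID 0")
        wanted = dict(tags).get(TAG_SERVICE_NAME, b"")   # empty name = any service
        if (wanted and wanted not in self.services) or len(self.sessions) >= MAX_SESSIONS_PER_DEVICE:
            # Reject: PADS with a Service-Name-Error tag and the session ID reset to zero.
            return build(PADS, 0, [(TAG_SERVICE_NAME_ERROR, b"service unavailable")])
        sid, self.next_id = self.next_id, self.next_id + 1
        self.sessions[(peer_mac, sid)] = wanted or b"any"
        # Accept: PADS with a unique non-zero session ID and the accepted service name.
        return build(PADS, sid, [(TAG_SERVICE_NAME, wanted)])

    def handle_padt(self, peer_mac, packet):
        """Either side may send PADT; the session is identified by peer MAC plus session ID."""
        code, session_id, _ = parse(packet)
        if code == PADT:
            self.sessions.pop((peer_mac, session_id), None)


def client_session_id(pads_packet):
    """Client side: a non-zero session ID without an error tag means the session was accepted."""
    code, sid, tags = parse(pads_packet)
    if code != PADS:
        raise ValueError("expected a PADS packet")
    if sid == 0 or TAG_SERVICE_NAME_ERROR in dict(tags):
        return None
    return sid
```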
• Cisco IOS has had Dialer Interfaces (up to 256) for a long time; dialer interfaces act as logical
interfaces that can be dynamically bound to another interface (physical or logical).
• A Dialer Interface uses a Dialer Pool (with a Pool-ID) to connect to a physical interface, and the
physical interface is tied to the Dialer Interface via the Pool-ID configured on the physical interface.
• By using different Dialer Pools (multiple pools with different Pool-IDs), the router (client) can have
multiple dialer interfaces and multiple PPPoE Sessions.
Virtual-Access Interface
• When the PPPoE session is up and working, IOS dynamically creates a Virtual-Access Interface and
binds it to the dialer interface and the Ethernet interface for the dialed-up PPPoE Session.
BBA Group