Interview Questions - System Engineer


What is a network?

A network is a group of computing devices connected (linked) together so that they can share resources. There are two types of
networks:

1- Peer-to-peer network: each computer in the network acts as a server and a client at the same time.

2- Server-based network: a server is a powerful computer that provides services to the network; it provides centralized
control over the network, and security.

What is a topology?

Topology refers to the physical or the logical layout of the network; it defines the way the different nodes are connected in the
network.

There are 2 types of network topologies, physical and logical. The major difference between them is that the physical
topology focuses on the physical layout and how nodes are physically connected, whereas the logical topology focuses on the patterns
of data transfer between the network nodes.

The physical and the logical topologies of a network don’t necessarily have to be identical. In general, network
topologies can be categorized into 5 types:

1- Bus topology: all the devices are connected sequentially to the same backbone

2- Star topology: all the nodes in the network are connected to a central device such as a hub or switch

3- Ring topology: all the nodes are connected sequentially to the same backbone as in the bus, except that the ending
point is connected to the starting point

4- Tree topology: the root node is connected to two sub-level nodes, in a hierarchical model

5- Mesh topology: each node is connected to some or all of the other nodes in the network; this redundancy makes
the network highly fault tolerant

What is a Gateway?

The gateway is the network point that acts as an entrance to another network. In a large enterprise network the gateway often
acts as a proxy server and firewall server, and it’s often associated with a router.

What is a protocol?

A protocol is a communication language: a set of rules that governs the communication between 2 nodes and defines how data is
transmitted.

What is the OSI?

OSI stands for Open Systems Interconnection. It is a reference model that defines the mechanism of data transmission from Point A to
Point B on the network in 7 stages (7 layers).

Which layers are network support layers?

a. Physical Layer
b. Data link Layer and
c. Network Layer

Which layers are user support layers?

a. Session Layer
b. Presentation Layer and
c. Application Layer

Which layer links the network support layers and user support layers ?

The Transport layer links the network support layers and user support layers.

What are the concerns of the Physical Layer?

The Physical layer coordinates the functions required to transmit a bit stream over a physical medium.

a. Physical characteristics of interfaces and media
b. Representation of bits
c. Data rate
d. Synchronization of bits
e. Line configuration
f. Physical topology
g. Transmission mode

What are the responsibilities of the Data Link Layer?

The Data Link Layer transforms the physical layer, a raw transmission facility, into a reliable link and is responsible for node-to-node
delivery.

a. Framing
b. Physical Addressing
c. Flow Control
d. Error Control
e. Access Control

What are the responsibilities of the Network Layer?

The Network Layer is responsible for the source-to-destination delivery of a packet, possibly across multiple networks (links).

a. Logical Addressing
b. Routing

What are the responsibilities of the Transport Layer?

The Transport Layer is responsible for source-to-destination delivery of the entire message.

a. Service-point Addressing
b. Segmentation and reassembly
c. Connection Control
d. Flow Control
e. Error Control

What are the responsibilities of the Session Layer?

The Session layer is the network dialog controller. It establishes, maintains and synchronizes the interaction between the
communicating systems.

a. Dialog control
b. Synchronization

What are the responsibilities of the Presentation Layer?

The Presentation layer is concerned with the syntax and semantics of the information exchanged between two systems.

a. Translation
b. Encryption
c. Compression

What are the responsibilities of the Application Layer?

The Application Layer enables the user, whether human or software, to access the network. It provides user interfaces and
support for services such as e-mail, shared database management and other types of distributed information services.

a. Network Virtual Terminal
b. File Transfer, Access and Management (FTAM)
c. Mail services
d. Directory services

What is the TCP/IP Protocol?

TCP/IP stands for Transmission Control Protocol over Internet Protocol. It provides end-to-end connectivity, and it specifies how
data should be formatted, addressed, transmitted, routed and received at the other end.

How does it work?

There are four distinct elements that uniquely identify a TCP connection. They are:

• IP address of the sender
• IP address of the receiver
• TCP port of the sender
• TCP port of the receiver

To establish a TCP session, the two computers participating in the session must first go through what is known as the “three-
way handshake” (SYN – SYN/ACK – ACK). There are two scenarios where a three-way handshake would take place,
namely:

• Establishing a connection (an active open)
• Terminating a connection (an active close)

The steps in the connection establishment are as follows:

• Client: sends a message with the SYN flag on
• Server: replies to the client with a message that has the SYN and ACK flags on
• Client: replies to the server’s SYN/ACK message with an ACK message
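The 4-tuple and the three handshake steps above can be checked mechanically against packet headers. The following Python is an added example (not part of the original document): it builds a few IPv4/TCP packets with constructed, documentation-only addresses (192.0.2.x and 198.51.100.x), parses the sender/receiver IP addresses and ports plus the SYN/ACK flags, and follows each connection through SYN_SENT, SYN_RECEIVED and ESTABLISHED, verifying that each acknowledgment number is the peer’s sequence number plus one. A connection that never gets past the first SYN is reported as half-open, which is the condition a defender counts when watching for SYN floods.

```python
import socket
import struct

# TCP flag bits (low byte of the flags field)
TCP_FLAG_FIN = 0x01
TCP_FLAG_SYN = 0x02
TCP_FLAG_RST = 0x04
TCP_FLAG_ACK = 0x10


def build_packet(src_ip, dst_ip, sport, dport, seq, ack, flags):
    """Build a minimal IPv4 header (20 bytes) followed by a TCP header (20 bytes).

    Checksums are left at zero: these packets are constructed only to feed the parser below.
    """
    ip_hdr = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 40, 0, 0, 64, 6, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    # data offset of 5 words (20 bytes) in the high nibble, flags in the next byte
    tcp_hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    return ip_hdr + tcp_hdr


def parse_packet(pkt):
    """Return the 4-tuple (sender IP/port, receiver IP/port), seq, ack and flags of an IPv4/TCP packet."""
    ihl = (pkt[0] & 0x0F) * 4          # IPv4 header length in bytes
    if pkt[9] != 6:                    # IPv4 protocol field: 6 = TCP
        raise ValueError("not a TCP packet")
    src_ip = socket.inet_ntoa(pkt[12:16])
    dst_ip = socket.inet_ntoa(pkt[16:20])
    sport, dport, seq, ack, _offset, flags = struct.unpack("!HHIIBB", pkt[ihl:ihl + 14])
    return {"src": (src_ip, sport), "dst": (dst_ip, dport), "seq": seq, "ack": ack, "flags": flags}


def track_handshakes(packets):
    """Replay parsed packets in order and follow the three-way handshake of each connection.

    Client -> Server : SYN                          state SYN_SENT
    Server -> Client : SYN+ACK, ack = client_seq+1  state SYN_RECEIVED
    Client -> Server : ACK,     ack = server_seq+1  state ESTABLISHED
    Returns {(client_ip, client_port, server_ip, server_port): state}.
    """
    states, expected_ack = {}, {}
    for p in packets:
        fwd = (p["src"][0], p["src"][1], p["dst"][0], p["dst"][1])
        rev = (p["dst"][0], p["dst"][1], p["src"][0], p["src"][1])
        f = p["flags"]
        if f & TCP_FLAG_SYN and not f & TCP_FLAG_ACK:            # step 1: SYN
            states[fwd] = "SYN_SENT"
            expected_ack[fwd] = p["seq"] + 1
        elif f & TCP_FLAG_SYN and f & TCP_FLAG_ACK:              # step 2: SYN/ACK
            if states.get(rev) == "SYN_SENT" and p["ack"] == expected_ack[rev]:
                states[rev] = "SYN_RECEIVED"
                expected_ack[rev] = p["seq"] + 1
        elif f & TCP_FLAG_ACK:                                   # step 3: ACK
            if states.get(fwd) == "SYN_RECEIVED" and p["ack"] == expected_ack[fwd]:
                states[fwd] = "ESTABLISHED"
    return states


def half_open(states):
    """Connections whose handshake never completed (a SYN without the rest)."""
    return [conn for conn, state in states.items() if state != "ESTABLISHED"]


# Constructed traffic (RFC 5737 documentation addresses, not a real capture):
# one complete handshake and one connection where only the SYN was seen.
CLIENT, SERVER = ("192.0.2.10", 40000), ("198.51.100.5", 443)
SAMPLE = [
    build_packet(CLIENT[0], SERVER[0], CLIENT[1], SERVER[1], 1000, 0, TCP_FLAG_SYN),
    build_packet(SERVER[0], CLIENT[0], SERVER[1], CLIENT[1], 5000, 1001, TCP_FLAG_SYN | TCP_FLAG_ACK),
    build_packet(CLIENT[0], SERVER[0], CLIENT[1], SERVER[1], 1001, 5001, TCP_FLAG_ACK),
    build_packet("192.0.2.11", SERVER[0], 40001, SERVER[1], 7000, 0, TCP_FLAG_SYN),
]

if __name__ == "__main__":
    result = track_handshakes([parse_packet(p) for p in SAMPLE])
    for conn, state in result.items():
        print(conn, state)
    print("half-open:", half_open(result))
```

The state machine deliberately ignores a SYN/ACK or ACK whose acknowledgment number does not match what the previous step promised, so stray or spoofed segments do not advance a connection.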

What are the differences between a Router, a Switch and a Hub?

Switch:
- Operates on layer 2 of the OSI model (Data Link Layer)
- Makes decisions based on the MAC address
- Loop avoidance
- Breaks up collision domains
- It creates separate collision domains but a single broadcast domain
- Can’t communicate among different networks; it works internally (LAN)

Router:
- Operates on layer 3 of the OSI model (Network Layer)
- Makes decisions based on IP logical addressing
- Breaks up both collision domains and broadcast domains
- Can communicate among different networks (WANs)

Hub:
- Operates on layer 1 (Physical Layer) of the OSI model
- No filtering, no addressing
- It creates a single broadcast domain and a single collision domain
- Forwards an arriving signal out of all its ports
- It’s basically just a multi-port repeater (it’s not a smart device)

Bridge:
- Operates on layer 2 of the OSI model (Data Link Layer)

What is Flow Control ?

Flow control is handled by TCP through a process called windowing. The two end devices negotiate the window size when
initially establishing the connection; then they dynamically renegotiate window size during the life of the connection, increasing
its size until it reaches the maximum window size of 65,535 bytes or until errors occur.

Window size is specified in the window field of the TCP header. After sending the amount of data specified in the window size,
the source must receive an acknowledgment before sending the next window size of data.

Differences between the TCP and UDP Protocols?

TCP is a connection-oriented protocol; it uses the three-way handshake (SYN – SYN/ACK – ACK).
UDP (User Datagram Protocol) is a connectionless protocol, and it’s an unreliable protocol.
User Datagram Protocol is a protocol that is used at the Transport layer for connectionless, non-guaranteed communications.
Unlike TCP, UDP does not set up a connection and does not use acknowledgments.

Common network applications that use UDP include Domain Name System (DNS), streaming media applications,
Voice over IP, Trivial File Transfer Protocol (TFTP) and online games.

IP Address?

It’s an identifier on the network; it’s a logical address, and it is changeable.

There are 3 types of IP addresses:

1- Public
2- Private
3- Special

A public IP address is the real IP address used on the Internet, and there are 5 classes of public IP addresses:

Class A: 1 – 126
Class B: 128 – 191
Class C: 192 – 223
Class D: 224 – 239
Class E: 240 – 254

For private IP addresses there are 3 different classes:

Private IP addresses are the IP addresses which you can use in a private network (LAN), because of the limited number of real IP
addresses on the Internet.
The 3 classes are:

Class A: 10.0.0.0 – 10.255.255.255 /8
Class B: 172.16.0.0 – 172.31.255.255 /12 (mask 255.240.0.0)
Class C: 192.168.0.0 – 192.168.255.255 /16

Special IP addresses are reserved IP addresses, for example 255.255.255.255, which is reserved for broadcasting.
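The class and private-range tables above are exactly what a log-review script needs in order to tell internal hosts from external ones. The following Python is an added example and not part of the original document: it classifies an IPv4 address as private (with its class letter), public (by the first-octet class ranges listed above) or special, and then runs that over a few constructed firewall-style log lines to pull out connections from public addresses into the private network. Treating 127.0.0.0/8 as special is my addition; the tables above do not mention loopback.

```python
import ipaddress
import re

# Private ranges and their class labels, as listed above (the RFC 1918 blocks)
PRIVATE_RANGES = {
    "A": ipaddress.ip_network("10.0.0.0/8"),
    "B": ipaddress.ip_network("172.16.0.0/12"),
    "C": ipaddress.ip_network("192.168.0.0/16"),
}

# First-octet ranges of the public address classes listed above
CLASS_BY_FIRST_OCTET = (("A", 1, 126), ("B", 128, 191), ("C", 192, 223), ("D", 224, 239), ("E", 240, 254))


def classify_ip(text):
    """Return (kind, detail) for an IPv4 address string.

    kind is "private", "public" or "special"; detail is the class letter for private and
    public addresses, or the reason an address is special.
    """
    addr = ipaddress.ip_address(text)
    if addr.version != 4:
        raise ValueError("IPv4 addresses only")
    if addr == ipaddress.ip_address("255.255.255.255"):
        return ("special", "limited broadcast")
    if addr in ipaddress.ip_network("127.0.0.0/8"):
        return ("special", "loopback")        # 127/8 is added here; it is not in the tables above
    for cls, net in PRIVATE_RANGES.items():
        if addr in net:
            return ("private", cls)
    first_octet = addr.packed[0]
    for cls, low, high in CLASS_BY_FIRST_OCTET:
        if low <= first_octet <= high:
            return ("public", cls)
    return ("special", "reserved")            # 0.x.x.x and 255.x.x.x end up here


# Constructed firewall-style log lines (not from a real device)
SAMPLE_LOG = """\
2024-05-01T08:00:01 action=allow src=10.1.10.50 dst=10.1.10.3 dport=53
2024-05-01T08:00:02 action=allow src=203.0.113.7 dst=10.1.10.1 dport=22
2024-05-01T08:00:03 action=allow src=172.20.4.9 dst=10.1.10.3 dport=53
2024-05-01T08:00:04 action=allow src=198.51.100.20 dst=10.1.10.50 dport=3389
"""

LOG_RE = re.compile(r"src=(\S+) dst=(\S+) dport=(\d+)")


def external_sources(log_text):
    """Return (src, dst, dport) for every line where a public address reaches a private host.

    These inbound connections from outside are the ones worth reviewing first.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        src, dst, dport = m.group(1), m.group(2), int(m.group(3))
        if classify_ip(src)[0] == "public" and classify_ip(dst)[0] == "private":
            hits.append((src, dst, dport))
    return hits


if __name__ == "__main__":
    for ip in ("10.1.10.1", "172.20.4.9", "8.8.8.8", "230.0.0.1", "255.255.255.255"):
        print(ip, classify_ip(ip))
    print(external_sources(SAMPLE_LOG))
```

Note that the private check runs before the class lookup, so 172.20.4.9 is reported as private class B while 172.32.0.1, just outside the /12, is reported as a public class B address.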

What is point-to-point communication?

It provides a dedicated link between 2 devices, and the entire capacity of the link is reserved for the transmission between the 2
devices.

What is a multi-point connection?

More than 2 devices sharing a single link.

Define a LAN and a WAN?

LAN stands for Local Area Network: a group of computers or network devices connected together in a small geographical
area, normally within an office or in a building.

WAN stands for Wide Area Network. It provides wide-range communication; it covers a large geographical area.

Define the Internet?

The Internet is a network of networks.

Define Bandwidth?

Bandwidth is the capacity of a communication channel.

What is throughput?

Throughput is the average rate of data transmission.

What is wireless communication?

Unguided data transmission: sending data via electromagnetic fields, without using any physical conductor.

What is a VLAN?

VLAN stands for Virtual LAN. It’s a logical grouping of devices on a network, independent of how they are physically connected together, and it
provides security and broadcast domain control.

Explain VLAN?

We know a switch has one broadcast domain and multiple collision domains.

In the normal case, when a switch sends a broadcast it will reach all ports.

But in some cases we have to restrict that behavior of switches.

For that we use Virtual LANs (VLANs).

VLANs separate a Layer-2 switch into multiple broadcast domains.

Each VLAN has its own individual broadcast domain. Individual ports or groups of ports can be assigned to a specific VLAN.

Only ports belonging to the same VLAN can freely communicate to each other.

A router or layer 3 switch is needed for Inter-VLAN Communication. Broadcasts from one VLAN will never be sent out
ports belonging to another VLAN.

What are the advantages of using VLANs?

A VLAN is a single broadcast domain, which means that if a user in the Engineering VLAN sends a broadcast frame, only users
in the same VLAN will receive it.
Users are only able to communicate within the same VLAN (unless you use a router).
Users don’t have to be grouped physically together; for example, users in the Engineering VLAN can sit on the 1st,
2nd and 3rd floors.

Terminologies associated with VLANs

Trunking: carrying multiple VLANs over the same physical connection. We must configure a trunk link between two
switches. Only trunk links are capable of carrying information for multiple VLANs.

Native VLAN: by default, frames in this VLAN are untagged when sent across a trunk. VLAN 1 is the native VLAN (by
default).

Access VLAN: the VLAN to which an access port is assigned.

Dynamic Trunking Protocol (DTP): can be used to automatically establish trunks between capable ports (insecure method!).

Switched Virtual Interface (SVI): a virtual interface which provides a routed gateway into and out of a VLAN.

Router on a Stick: method used for inter-VLAN communication using a router.

There are two trunking protocols we can use:

• IEEE 802.1Q [dot1Q]: an open standard that is supported on switches from many vendors and most NICs.
• Cisco ISL (Inter-Switch Link): an old Cisco proprietary protocol that is only supported on some Cisco switches.

Feature             IEEE 802.1Q                  ISL (Inter-Switch Link)
Standard            Open standard                Cisco proprietary
Native VLAN         Not tagged                   Tagged
Frame handling      Tags the Ethernet frame      Encapsulates the Ethernet frame
Maximum VLANs       4094                         1000
Header size         4 bytes                      26 bytes
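The rows "tags the Ethernet frame", "header size 4 bytes", "maximum VLANs 4094" and "native VLAN is not tagged" describe a concrete byte layout, which the following Python shows. It is an added example, not part of the original document: it builds Ethernet frames with constructed MAC addresses and payload, inserts an 802.1Q tag (TPID 0x8100 followed by the 16-bit TCI holding the 3-bit priority, the DEI bit and the 12-bit VLAN id) when a VLAN is requested, and parses frames back, assigning untagged frames to the native VLAN the way a trunk port does. The 4-byte overhead and the 1..4094 VLAN id range fall straight out of the layout.

```python
import struct

ETHERTYPE_8021Q = 0x8100      # Tag Protocol Identifier (TPID) that marks an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
VLAN_MIN, VLAN_MAX = 1, 4094  # VID 0 and 4095 are reserved, hence 4094 usable VLANs


def _mac(text):
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst_mac, src_mac, payload, vlan_id=None, pcp=0):
    """Build an Ethernet II frame; insert a 4-byte 802.1Q tag when vlan_id is given.

    An untagged frame is what a trunk port sends for its native VLAN.
    """
    header = _mac(dst_mac) + _mac(src_mac)
    if vlan_id is not None:
        if not VLAN_MIN <= vlan_id <= VLAN_MAX:
            raise ValueError("VLAN id must be between 1 and 4094")
        tci = (pcp & 0x7) << 13 | vlan_id        # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
        header += struct.pack("!HH", ETHERTYPE_8021Q, tci)
    return header + struct.pack("!H", ETHERTYPE_IPV4) + payload


def parse_frame(frame, native_vlan=1):
    """Decode the MAC addresses, the 802.1Q tag (if any) and the EtherType of a frame.

    Frames without a tag are assigned to native_vlan, as a trunk port would do.
    """
    dst, src = frame[0:6].hex(":"), frame[6:12].hex(":")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    tagged, vlan, pcp, dei, offset = False, native_vlan, None, None, 14
    if ethertype == ETHERTYPE_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        tagged, vlan, pcp, dei, offset = True, tci & 0x0FFF, tci >> 13, (tci >> 12) & 1, 18
    return {"dst": dst, "src": src, "tagged": tagged, "vlan": vlan, "pcp": pcp,
            "dei": dei, "ethertype": ethertype, "payload": frame[offset:]}


def tag_overhead(payload=b"\x00" * 46):
    """Bytes the 802.1Q tag adds to a frame (the 'header size: 4 bytes' row above)."""
    untagged = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", payload)
    tagged = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", payload, vlan_id=100)
    return len(tagged) - len(untagged)


# Constructed frames (MAC addresses and payload are made up for the example)
PAYLOAD = b"\x45\x00" + b"\x00" * 44
TAGGED = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb", PAYLOAD, vlan_id=100, pcp=5)
UNTAGGED = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb", PAYLOAD)

if __name__ == "__main__":
    print(parse_frame(TAGGED))
    print(parse_frame(UNTAGGED, native_vlan=1))
    print("802.1Q tag overhead:", tag_overhead(), "bytes")
```

ISL is not modelled here: it wraps the whole original frame in its own 26-byte header rather than inserting a tag, which is the "encapsulates" row in the table.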

Different Switch Port Modes?

Trunk: forms an unconditional trunk
Dynamic desirable: attempts to negotiate a trunk with the far end
Dynamic auto: forms a trunk only if requested by the far end
Access: will never form a trunk

Note: older switches are dynamic desirable by default and modern switches are dynamic auto by default. It’s better to manually
configure the trunk and issue the nonegotiate command. The negotiation of the switchport status by using dynamic auto or dynamic
desirable is called DTP (Dynamic Trunking Protocol). You can disable it completely by using the switchport nonegotiate
command.

VLAN information is not saved in the running-config or startup-config but in a separate file called vlan.dat on your flash
memory. If you want to delete the VLAN information you should delete this file by typing delete flash:vlan.dat.

VLAN Creation

Switch(config)# vlan 100
Switch(config-vlan)# name Engineering
Switch(config-vlan)# exit

Adding an interface to a VLAN

Switch(config)# interface fastethernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport nonegotiate
Switch(config-if)# switchport access vlan 3

Configuring Trunk Links

To manually configure a trunk port, for either ISL or 802.1Q tagging:

Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk encapsulation {isl | dot1q}
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport nonegotiate

To change the native VLAN:

Switch(config)# interface fa0/14
Switch(config-if)# switchport trunk native vlan 100

For security reasons it might be a good idea not to allow all VLANs on your trunk link. We can change this by using the
switchport trunk allowed vlan command.

Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk allowed vlan remove 50-100
Switch(config-if)# switchport trunk allowed vlan add 60-65

The first switchport command will prevent the trunk port from passing traffic from VLANs 50-100. The second switchport
command will re-allow the trunk port to pass traffic from VLANs 60-65.

SVI Configuration

Switch(config)# interface vlan100
Switch(config-if)# ip address 192.168.100.1 255.255.255.0
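The access-port, trunk, native-VLAN and allowed-VLAN commands above are the settings an auditor checks for on every port, and the note on DTP says why. The following Python is an added example and not part of the original document: it parses a constructed running-config excerpt (the interface names and the Fa0/2, Fa0/22 and Fa0/23 stanzas are made up; Fa0/1 and Fa0/24 repeat the commands shown above) into per-interface command lists, replays the allowed-VLAN remove/add sequence the way IOS applies it in order, and reports ports that still negotiate DTP, trunks that carry every VLAN, trunks left on native VLAN 1, and ports with no switchport mode at all.

```python
import re

# Constructed running-config excerpt (not from a real switch). Fa0/1 and Fa0/24 follow the
# commands shown above; Fa0/2, Fa0/22 and Fa0/23 are left with the gaps the audit should catch.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 3
 switchport nonegotiate
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 3
!
interface FastEthernet0/22
 description uplink-unconfigured
!
interface FastEthernet0/23
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan 100
 switchport trunk allowed vlan remove 50-100
 switchport trunk allowed vlan add 60-65
 switchport nonegotiate
!
"""


def parse_interfaces(config_text):
    """Map each 'interface X' stanza to the list of commands indented under it."""
    interfaces, current = {}, None
    for raw in config_text.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            interfaces[current] = []
        elif current is not None and raw.startswith(" "):
            interfaces[current].append(raw.strip())
        else:
            current = None            # "!" or any other top-level line ends the stanza
    return interfaces


def expand_vlans(spec):
    """'10,20,60-65' -> {10, 20, 60, 61, 62, 63, 64, 65}"""
    vlans = set()
    for part in spec.split(","):
        if "-" in part:
            low, high = (int(x) for x in part.split("-"))
            vlans.update(range(low, high + 1))
        else:
            vlans.add(int(part))
    return vlans


def allowed_vlans(commands):
    """Apply 'switchport trunk allowed vlan ...' commands in order; the default is all VLANs."""
    everything = set(range(1, 4095))
    allowed = set(everything)
    for cmd in commands:
        m = re.match(r"switchport trunk allowed vlan (add|remove|except|all|none|\S+)(?: (\S+))?$", cmd)
        if not m:
            continue
        keyword, arg = m.group(1), m.group(2)
        if keyword == "add":
            allowed |= expand_vlans(arg)
        elif keyword == "remove":
            allowed -= expand_vlans(arg)
        elif keyword == "except":
            allowed = everything - expand_vlans(arg)
        elif keyword == "all":
            allowed = set(everything)
        elif keyword == "none":
            allowed = set()
        else:                                   # a bare VLAN list replaces the whole set
            allowed = expand_vlans(keyword)
    return allowed


def audit_switchports(config_text):
    """Return {interface: [findings]} for ports that do not match the hardening shown above."""
    findings = {}
    for name, cmds in parse_interfaces(config_text).items():
        issues = []
        modes = [c.split()[2] for c in cmds if c.startswith("switchport mode ")]
        mode = modes[-1] if modes else None
        nonegotiate = "switchport nonegotiate" in cmds
        if mode is None:
            issues.append("no 'switchport mode': port is left to DTP negotiation (dynamic auto/desirable)")
        elif mode == "trunk":
            if not nonegotiate:
                issues.append("trunk without 'switchport nonegotiate': DTP is still running")
            if len(allowed_vlans(cmds)) == 4094:
                issues.append("trunk carries all VLANs: restrict it with 'switchport trunk allowed vlan'")
            if not any(c.startswith("switchport trunk native vlan ") for c in cmds):
                issues.append("native VLAN left at the default (VLAN 1)")
        elif mode == "access" and not nonegotiate:
            issues.append("access port without 'switchport nonegotiate'")
        if issues:
            findings[name] = issues
    return findings


if __name__ == "__main__":
    for port, issues in audit_switchports(SAMPLE_CONFIG).items():
        print(port)
        for issue in issues:
            print("  -", issue)
```

Run against a real `show running-config` dump, the same parser works unchanged; only the rules in audit_switchports would grow with local policy.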

Router on a Stick Configuration

STEP 1: Switch configuration

SW1# configure terminal
SW1(config)# interface fa 0/1
SW1(config-if)# switchport trunk encapsulation dot1q
SW1(config-if)# switchport mode trunk

The above steps complete the switch-side configuration.

STEP 2: Router configuration

We need to follow a similar configuration for our router to enable communication with our switch and allow all VLAN traffic to
pass through and be routed as necessary.

R1# configure terminal
R1(config)# interface Fa 0/2
R1(config-if)# no ip address
R1(config-if)# no shutdown
R1(config-if)# interface Fa 0/2.1
R1(config-subif)# encapsulation dot1q 1 native
R1(config-subif)# ip address 192.168.0.1 255.255.255.0
R1(config-subif)# interface Fa 0/2.2
R1(config-subif)# encapsulation dot1q 2
R1(config-subif)# ip address 192.168.2.1 255.255.255.0
R1(config-subif)# exit

Show Commands

show vlan
show interface fa 0/24 switchport
show interface trunk
show interface fa 0/24 trunk

How to connect / link multiple VLANs to one (1) DHCP server?

All you need is one Domain Controller, one DHCP server and one DNS server, already installed on Windows Server 2012.
Let’s say you have 2 or 3 VLANs and you have 1 DHCP server already installed on Windows Server 2012.

I’ll show you step by step how to configure multiple VLANs to one DHCP server.

Say that the first:

VLAN (1) IP address is 10.1.10.1 (Management VLAN)
VLAN (2) IP address is 10.1.10.2 (Admin VLAN)
Your DNS IP address is 10.1.10.3 (Local DNS)

Open your Server Manager -> go to Tools -> click on DHCP.

This will open the DHCP management console -> select your server (the one with DHCP), then right-click and select “New
Scope”. Give it a meaningful name, like the VLAN name (let’s name it “Management scope” if this VLAN is meant for
Management).
It will ask you for the starting and ending IP addresses; put your range for this VLAN (VLAN_1). Here it depends on how
many PCs are connected to this VLAN; let’s say it’s 20 computers, then the IP address range will be (10.1.10.50 – 10.1.10.70).
Then click Next until you reach the DHCP configuration options.
When it comes to the DHCP configuration options, it will ask you if you want to configure the DHCP options; click Yes.
It will ask you for the Router (VLAN switch) configuration; in the Default Gateway write the IP address of the switch serving the target
VLAN, which is (10.1.10.1), and in the DNS settings write the local DNS IP address as the primary DNS, and the secondary
DNS will be your VLAN switch IP address.

This is the first VLAN setting; now you can repeat these steps with the second VLAN (VLAN_2), Admin_VLAN.

Select the domain again, right-click and select New Scope -> then follow the same settings steps; all you need to
change is the second VLAN switch IP address with the new range of IP addresses.

What is a Multi-VLAN Port?

The multi-VLAN port is a special feature which allows the switch to configure a single port for 2 or more VLANs. This feature
allows users from different VLANs to access a server or router without implementing inter-VLAN routing capability. A multi-
VLAN port performs normal switching functions in all its assigned VLANs.

A multi-VLAN port will not work when a trunk is configured on the switch.

Multi-VLAN ports can’t be used to connect between switches.

A multi-VLAN port is only used to connect a router or server. The switch automatically transitions to VTP transparent mode when
the multi-VLAN port feature is enabled, which disables VTP.

The multi-VLAN port feature is supported only on the Catalyst 2900 XL/3500 XL series switches. This feature is not supported
on the Catalyst 4000/5000/6000 series or any other Cisco Catalyst switches.

Configuration

Switch(config-if)# switchport mode multi

To assign a multi-VLAN port already in multi mode to a range of VLANs:

Switch(config-if)# switchport multi vlan 15-20

What is the difference between a static VLAN and a dynamic VLAN?

- Static VLANs are also referred to as port-based VLANs.

In a static VLAN, switch ports must be manually assigned to a VLAN.
Any device connecting to that switch port becomes a member of that VLAN.
The client device is unaware that it belongs to a specific VLAN. Static VLANs are easy to configure.

In a static VLAN, as a device enters the network, the device automatically assumes the VLAN of the port.
If the user changes ports and needs access to the same VLAN, the network administrator must manually make a port-to-VLAN

- In a dynamic VLAN, devices are automatically assigned to a VLAN based on their MAC address. This allows a client device to
remain in the same VLAN regardless of which switch port the device is attached to. VLAN membership of a user always
remains the same even when he/she is moved to another location.

Dynamic VLANs are created through the use of software. With a VLAN Management Policy Server (VMPS), an administrator
can assign switch ports to VLANs dynamically based on information such as the source MAC address of the device connected to
the port or the username used to log on to that device. As a device enters the network, the switch queries a database for the
VLAN membership of the port that device is connected to.

Static VLAN assignment provides a simple way to assign a VLAN to a port, while dynamic VLANs allow a great deal of
flexibility and mobility for end users but require more administrative overhead.

How to Configure Protected Ports (Switching)?

We have two computers, one switch and one server; everything is in one VLAN, and the two computers and the server can
communicate with each other.
For security reasons we have to block computer A and computer B from communicating with each other, but both computer A and
computer B can communicate with the server. In such a scenario we can use protected ports. By default all ports are unprotected
ports.

"After enabling protected ports, the ports we configured as protected ports can’t communicate with each other. Protected ports can
communicate with unprotected ports."

Simply, we can say:

Protected port <--> Unprotected port = working
Protected port <--> Protected port = not working

Configuration

Switch(config)# interface <Interface Name>
Switch(config-if)# switchport protected
Switch(config-if)# end

Configure the "switchport protected" command on both interfaces where computer A and computer B are connected. Then we can
say the interfaces connected to computer A and computer B are protected. The interface connected to the server is still unprotected. You
can verify the working of protected ports by pinging each other. We can also verify it by using the show commands below:

#show interfaces <Interface Name> switchport
#show interfaces <Interface Name> switchport | include Protected

Troubleshooting VLAN Problems?

If you're experiencing connectivity problems in a VLAN environment, you should perform the following troubleshooting steps:

- Check the status of the interface with the show interfaces command. Use CDP to check connectivity.
  Check the duplexing of the connection (auto-negotiation is a common problem with the negotiation of the duplex mode).

- Are your router and switch configurations correct? Verify that you've configured your routing protocol and your router's
  interface. If you're trunking between the router and the switch, verify this configuration.

- Have you set up your VLAN configuration correctly? Check to make sure that the appropriate interfaces are associated
  with the correct VLANs.

What is a VPN? What are the types of VPN? What is Tunneling?

VPN stands for Virtual Private Network. It provides a secure method for connecting to a private network over the Internet, and it
allows only authorized users to access the network using a user name and password. VPN devices are remote access
devices.

VPN Architecture:

A VPN is primarily used to secure private network traffic over an unsecured network, such as the Internet.

VPN helps provide a secure mechanism for encrypting and encapsulating private network traffic and moving it through an
intermediate network. Data is encrypted for confidentiality, and packets that might be intercepted on the shared or public
network are indecipherable without the correct encryption keys. Data is also encapsulated, or wrapped, with an IP header
containing routing information.

There are a number of ways to use VPN. The most common scenario is when a remote user accesses a private network across the
Internet using a remote access VPN connection. In another scenario, a remote office connects to the corporate network using
either a persistent or an on-demand site-to-site VPN connection (also known as a router-to-router VPN connection).

Each of these VPN scenarios can be deployed to provide connectivity over a public network, such as the Internet, or over a
private intranet. VPN connections can also be deployed in an extranet scenario to communicate securely with business partners.
An extranet functions as an intranet that can be securely shared with a designated business partner.

With both the remote access and site-to-site connections, VPNs enable an organization to replace long distance dial-up or leased
lines with local dial-up or leased lines to an Internet service provider (ISP).

Remote access VPN

A remote access VPN client makes a remote access VPN connection. A remote access client is a single computer user who connects to a private
network from a remote location. The VPN server provides access to the resources of the network to which the VPN server is
connected. The packets sent across the VPN connection originate at the VPN client.
The VPN client authenticates itself to the VPN server and, for mutual authentication, the VPN server authenticates itself to the
VPN client.

Site-to-site VPN

A site-to-site VPN connection connects two portions of a private network or two private networks. For example, this allows an
organization to have routed connections with separate offices, or with other organizations, over the Internet. A routed VPN
connection across the Internet logically operates as a dedicated Wide Area Network (WAN) link.
The VPN server provides a routed connection to the network to which the VPN server is attached. On a site-to-site VPN
connection, the packets sent from either router across the VPN connection typically do not originate at the routers. The calling
router (the VPN client) authenticates itself to the answering router (the VPN server), and, for mutual authentication, the
answering router authenticates itself to the calling router.

Internet-based VPN Connections

Using an Internet-based VPN connection, an organization can avoid long-distance charges while taking advantage of the global
availability of the Internet.

Remote Access VPN Connections over the Internet

A remote access VPN connection over the Internet enables a remote access client to initiate a dial-up connection to a local ISP
instead of connecting to a corporate or outsourced network access server (NAS). By using the established physical connection to
the local ISP, the remote access client initiates a VPN connection across the Internet to the organization’s VPN server. When the
VPN connection is created, the remote access client can access the resources of the private intranet. The following figure shows
remote access over the Internet.

[Figure: VPN Connecting a Remote Client to a Private Intranet]

Site-to-Site VPN Connections Over the Internet

When networks are connected over the Internet, as shown in the following figure, a router forwards packets to another router
across a VPN connection. To the routers, the VPN connection operates as a data-link layer link.

[Figure: VPN Connecting Two Remote Sites Across the Internet]

VPN Tunneling

Tunneling is a network technology that enables the encapsulation of one type of protocol packet within the datagram of a
different protocol. For example, Windows VPN connections can use Point-to-Point Tunneling Protocol (PPTP) packets to
encapsulate and send private network traffic, such as TCP/IP traffic over a public network such as the Internet.

For PPTP and Layer Two Tunneling Protocol (L2TP), a tunnel is similar to a session. Both of the tunnel endpoints must agree to
the tunnel and must negotiate configuration variables, such as address assignment, encryption, or compression parameters. In
most cases, data transferred across the tunnel is sent using a datagram-based protocol. A tunnel management protocol is used as
the mechanism to create, maintain, and terminate the tunnel.

After the tunnel is established, data can be sent. The tunnel client or server uses a tunnel data transfer protocol to prepare the data
for transfer. For example, when the tunnel client sends a payload to the tunnel server, the tunnel client first appends a tunnel data
transfer protocol header to the payload. The client then sends the resulting encapsulated payload across the network, which
routes it to the tunnel server. The tunnel server accepts the packets, removes the tunnel data transfer protocol header, and
forwards the payload to the target network. Information sent between the tunnel server and the tunnel client behaves similarly.

There are two types of tunneling:

1- Voluntary tunneling
2- Compulsory tunneling

1- Voluntary Tunneling

A user or client computer can issue a VPN request to configure and create a voluntary tunnel. In this case, the user’s computer is
a tunnel endpoint and acts as the tunnel client.
Voluntary tunneling occurs when a client computer or routing server creates a virtual connection to the target tunnel server. To
accomplish this, tunneling client software and the appropriate tunneling protocol must be installed on the client computer. For
the protocols discussed in this technical reference, voluntary tunnels require an IP connection (either LAN or dial-up).
In a dial-up situation, the client must establish a dial-up connection to the network before the client can set up a tunnel. This is
the most common case. The best example of this is the dial-up Internet user, who must dial an ISP and obtain an Internet
connection before a tunnel over the Internet can be created.
For a LAN-attached client computer, there is already a connection to the network that can provide routing of encapsulated
payloads to the chosen LAN tunnel server. This would be the case for a client that is using an always-on broadband Internet
connection.
It is a common misconception that VPN connections require a dial-up connection. They require only IP connectivity between the
VPN client and VPN server. Some clients (such as home computers) use dial-up connections to the Internet to establish IP
transport. This is a preliminary step in preparation for creating a tunnel and is not part of the tunnel protocol itself.

2- Compulsory Tunneling

In compulsory tunneling, a VPN-capable remote access server configures and creates a compulsory tunnel. With a compulsory
tunnel, the user's computer is not a tunnel endpoint. Another device, the dial-up access server, between the user's computer and
the tunnel server is the tunnel endpoint and acts as the tunnel client.

A number of vendors that sell dial-up access servers have implemented the ability to create a tunnel on behalf of a dial-up client.
The computer or network device providing the tunnel for the client computer is variously known as a Front End Processor (FEP)
for PPTP or an L2TP Access Concentrator (LAC) for L2TP. For the purposes of this reference, the term FEP is used to describe
this functionality, regardless of the tunneling protocol. To carry out its function, the FEP must have the appropriate tunneling
protocol installed and must be capable of establishing the tunnel when the client computer connects.

In compulsory tunneling, the client computer places a dial-up call to a tunneling-enabled NAS at the ISP. For example, a
corporation might have contracted with an ISP to deploy a nationwide set of FEPs. These FEPs can establish tunnels across the
Internet to a tunnel server connected to the organization’s private network, thus consolidating calls from geographically diverse
locations into a single Internet connection at the organization network.

This configuration is known as compulsory tunneling because the client is compelled to use the tunnel created by the FEP. Once
the initial connection is made, all network traffic to and from the client is automatically sent through the tunnel. With
compulsory tunneling, the client computer makes a single PPP connection. When a client dials into the NAS, a tunnel is created
and all traffic is automatically routed through the tunnel. An FEP can be configured to tunnel all dial-up clients to a specific
tunnel server. The FEP could also tunnel individual clients, based on the user name or destination.
Unlike the separate tunnels created for each voluntary client, multiple dial-up clients can share a tunnel between the FEP and the
tunnel server. When a second client dials into the access server (FEP) to reach a destination for which a tunnel already exists,
there is no need to create a new instance of the tunnel between the FEP and tunnel server. Instead, the data traffic for the new
client is carried over the existing tunnel. Since there can be multiple clients in a single tunnel, the tunnel is not terminated until
the last user of the tunnel disconnects.

PPTP

Point-to-Point Tunneling Protocol (PPTP) encapsulates Point-to-Point Protocol (PPP) frames into IP datagrams for transmission
over an IP-based network, such as the Internet or over a private intranet. PPTP is described in RFC 2637 in the IETF RFC
Database.

PPTP uses a TCP connection, known as the PPTP control connection, to create, maintain, and terminate the tunnel. PPTP uses a
modified version of Generic Routing Encapsulation (GRE) to encapsulate PPP frames as tunneled data. The payloads of the
encapsulated PPP frames can be encrypted, compressed, or both.

PPTP assumes the availability of an IP network between a PPTP client (a VPN client using the PPTP tunneling protocol) and a
PPTP server (a VPN server using the PPTP tunneling protocol). The PPTP client might already be attached to an IP network that
can reach the PPTP server, or the PPTP client might have to use a dial-up connection to a NAS to establish IP connectivity as in
the case of dial-up Internet users.

Authentication that occurs during the creation of a PPTP-based VPN connection uses the same authentication mechanisms as
PPP connections, such as Extensible Authentication Protocol (EAP), Microsoft Challenge-Handshake Authentication Protocol
(MS-CHAP), Microsoft Challenge-Handshake Authentication Protocol version 2 (MS-CHAP v2), CHAP, Shiva Password
Authentication Protocol (SPAP), and Password Authentication Protocol (PAP). PPTP inherits encryption, compression, or both
of PPP payloads from PPP. For PPTP connections, EAP-Transport Layer Security (EAP-TLS), MS-CHAP, or MS-CHAP v2
must be used for the PPP payloads to be encrypted using Microsoft Point-to-Point Encryption (MPPE).

MPPE provides only link encryption between the VPN client and the VPN server. It does not provide end-to-end encryption,
which is data encryption between the client application and the server hosting the resource or service that is being accessed by
the client application. If end-to-end encryption is required, IPSec can be used to encrypt IP traffic from end-to-end after the
PPTP tunnel is established.

Tunnel Maintenance with the PPTP Control Connection

There is a PPTP control connection between the IP address of the PPTP client using a dynamically allocated TCP port and the IP
address of the PPTP server using the reserved TCP port 1723. The PPTP control connection carries the PPTP call control and
management messages that are used to maintain the PPTP tunnel. This includes the transmission of periodic PPTP Echo-Request
and PPTP Echo-Reply messages to detect a connectivity failure between the PPTP client and PPTP server. PPTP control
connection packets consist of an IP header, a TCP header, a PPTP control message, and a data-link trailer and header as shown
in the following figure:

PPTP Control Connection Packet
The following table lists the primary PPTP control messages that are sent over the PPTP control connection. For all of the PPTP
control messages, the specific PPTP tunnel is identified by the TCP connection.

What is a Proxy Server and How it works ?

A proxy server is a server that acts as an intermediary between the user workstation and the Internet, so that the company can
ensure security, administrative control, and a caching service.

A proxy server is associated with, or is part of, a gateway server that separates the company network from the outside networks,
and a firewall server that protects the company network from outside intrusions.

A proxy server receives a request for an Internet service (such as a web page) from a user. If the request passes the filtering
requirements, the proxy server, assuming it is also a cache server, looks in its local cache to see whether it has previously
downloaded this web page. If the page is found in the cache, the proxy returns it to the user without forwarding the request to
the Internet. If the page is not found in the cache, the proxy server acts as a client on behalf of the user, uses one of its own IP
addresses to request the page over the Internet, and then forwards the page to the local user.

An advantage of the proxy server is that its cache can serve all the users: if one Internet page is frequently requested by the
users, the proxy keeps it in its cache.

The functions of proxy, firewall, and caching can be in separate server programs or combined in a single package.

What is a layer?

It’s a logical partition of the PDU (Protocol Data Unit) process.

What is a DNS ?

DNS stands for Domain Name System; it’s an Internet service that translates alphabetic domain names into IP addresses. How it
works: open your browser and type www.google.com. Your local DNS server starts to look inside its database for the correct
address for that domain; if it can’t find it, it forwards the query to another DNS server, and so on, until it gets the correct IP
address for that website name. All of these steps take milliseconds; you won’t even notice.

What is DHCP?

DHCP is the Dynamic Host Configuration Protocol. Its main function is to obtain an IP address automatically for any computer
connected to a network, in 4 steps:

1- DHCP-Discover
2- DHCP Offer
3- DHCP Request
4- DHCP Acknowledgment

What is a Firewall ?

It’s a system (which could be hardware or software) designed to prevent unauthorized access to or from a private network; it
does packet filtering.

ACL and Firewall ?

ACL (Access Control List) and firewall both share the packet filtering feature; however, the main difference between them is that
an ACL does stateless inspection while a firewall does stateful inspection, which means that the firewall not only sees the TCP
packet but also knows whether there was a proper beginning to that TCP conversation.
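
An added illustration (not from the original document) of the stateless/stateful difference described above: the same constructed TCP packets are judged first by a stateless ACL with a classic "established" rule and then by a small stateful filter that only admits replies to sessions whose opening SYN it saw leaving the LAN. The 192.168.1.0/24 network and the 203.0.113.9 web server are hypothetical.

```python
"""Stateless ACL vs. stateful inspection on the same TCP packets (added example).

Constructed policy: inside hosts may open HTTP (port 80) sessions to the
outside; only replies belonging to those sessions may come back in.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("192.168.1.0/24")   # constructed: the protected private network


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: frozenset          # TCP flags, e.g. frozenset({"SYN", "ACK"})


def inbound(p: Packet) -> bool:
    return ip_address(p.src_ip) not in INSIDE and ip_address(p.dst_ip) in INSIDE


def outbound(p: Packet) -> bool:
    return ip_address(p.src_ip) in INSIDE and ip_address(p.dst_ip) not in INSIDE


def stateless_acl(p: Packet) -> str:
    """Judge each packet on its own header fields, like a router ACL.

    The inbound rule can only approximate "reply traffic" with the classic
    'established' test: source port 80 and the ACK bit set.  Nothing remembers
    whether an inside host ever started that conversation.
    """
    if outbound(p) and p.dst_port == 80:
        return "permit"
    if inbound(p) and p.src_port == 80 and "ACK" in p.flags:
        return "permit"
    return "deny"


class StatefulFirewall:
    """Keep a connection table so replies are admitted only for sessions
    whose opening SYN was seen leaving the inside network."""

    def __init__(self) -> None:
        self.sessions: set[tuple] = set()

    def filter(self, p: Packet) -> str:
        fwd = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        rev = (p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        if outbound(p) and p.dst_port == 80:
            if p.flags == frozenset({"SYN"}):      # a proper beginning: record it
                self.sessions.add(fwd)
                return "permit"
            return "permit" if fwd in self.sessions else "deny"
        if inbound(p) and rev in self.sessions:   # reply to a session we saw start
            if "RST" in p.flags or "FIN" in p.flags:
                self.sessions.discard(rev)        # conversation is ending
            return "permit"
        return "deny"


def compare(packets: list) -> list:
    """Return (ACL verdict, firewall verdict) for each packet, in order."""
    fw = StatefulFirewall()
    return [(stateless_acl(p), fw.filter(p)) for p in packets]


# Constructed traffic: an unsolicited inbound ACK, then a real session, then
# an inbound SYN/ACK for which no inside host ever sent a SYN.
SAMPLE = [
    Packet("203.0.113.9", 80, "192.168.1.10", 40000, frozenset({"ACK"})),
    Packet("192.168.1.10", 40001, "203.0.113.9", 80, frozenset({"SYN"})),
    Packet("203.0.113.9", 80, "192.168.1.10", 40001, frozenset({"SYN", "ACK"})),
    Packet("203.0.113.9", 80, "192.168.1.10", 40002, frozenset({"SYN", "ACK"})),
]

if __name__ == "__main__":
    for p, (acl, fw) in zip(SAMPLE, compare(SAMPLE)):
        print(f"{p.src_ip}:{p.src_port} -> {p.dst_ip}:{p.dst_port} {sorted(p.flags)}: acl={acl} fw={fw}")
```

The ACL lets packets 1 and 4 through because their headers look like replies; the stateful filter denies them because no session was ever opened from the inside.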

What is Subnetting used for ? What are the types of subnetting ?

Subnetting is used to break up large networks into smaller sub-networks, and it provides traffic control.

There are two types of subnetting:

1- FLSM (Fixed Length Subnet Mask)
2- VLSM (Variable Length Subnet Mask)

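An added example (not from the original document) that carves one constructed /24 both ways, FLSM and VLSM, using Python's standard ipaddress module; the department names, host counts and the 192.168.10.0/24 block are hypothetical.

```python
"""FLSM vs. VLSM subnetting of one address block (added example).

Constructed input: 192.168.10.0/24 must be split for four departments whose
host counts differ widely, which is exactly where FLSM wastes space or fails.
"""
import ipaddress

Net = ipaddress.IPv4Network


def flsm(block: str, subnet_count: int) -> list:
    """Fixed Length Subnet Mask: every subnet gets the same prefix length, chosen
    as the smallest number of extra bits that yields at least subnet_count subnets."""
    net = ipaddress.ip_network(block)
    extra_bits = (subnet_count - 1).bit_length()      # e.g. 4 subnets -> 2 bits
    return list(net.subnets(prefixlen_diff=extra_bits))


def prefix_for_hosts(hosts: int, max_prefixlen: int = 32) -> int:
    """Smallest subnet that holds `hosts` usable addresses plus network and broadcast."""
    host_bits = max(2, (hosts + 2 - 1).bit_length())  # ceil(log2(hosts + 2)), at least a /30
    return max_prefixlen - host_bits


def vlsm(block: str, requirements: dict) -> dict:
    """Variable Length Subnet Mask: allocate the largest requirement first,
    carving each subnet out of the smallest free block that can still hold it."""
    free = [ipaddress.ip_network(block)]
    allocated: dict = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        want = prefix_for_hosts(hosts)
        candidates = [n for n in free if n.prefixlen <= want]
        if not candidates:
            raise ValueError(f"no room left for {name} ({hosts} hosts)")
        chosen = max(candidates, key=lambda n: n.prefixlen)   # tightest fit
        free.remove(chosen)
        if chosen.prefixlen == want:
            sub = chosen
        else:
            sub = next(chosen.subnets(new_prefix=want))
            free.extend(chosen.address_exclude(sub))          # return the leftovers
        allocated[name] = sub
    return allocated


def usable_hosts(net: Net) -> int:
    """Addresses minus the network and broadcast addresses."""
    return net.num_addresses - 2


REQUIREMENTS = {"Sales": 100, "Engineering": 50, "Management": 20, "WAN link": 2}  # constructed

if __name__ == "__main__":
    print("FLSM:", [str(n) for n in flsm("192.168.10.0/24", 4)])   # four /26s, 62 hosts each
    for name, sub in vlsm("192.168.10.0/24", REQUIREMENTS).items():
        print(f"VLSM {name:12s} {sub}  ({usable_hosts(sub)} usable hosts)")
```

With FLSM the /24 becomes four /26 subnets of 62 usable hosts, so the 100-host department does not fit; VLSM gives it a /25 and hands the 2-host link a /30.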
What is Failover Clustering ?

Windows Server 2012 provides 2 cluster technologies:

1- Failover cluster
2- Network load balancing clusters (NLB)

Failover cluster primarily provides high availability

Network load balancing provides scalability

Failover clusters are designed for applications that have long-running in-memory state, or that have large, frequently updated
data states. These are called stateful applications, and they include database applications and messaging applications. Typical
uses for failover clusters include file servers, print servers, database servers, and messaging servers.

Network Load Balancing is intended for applications that do not have long-running in-memory state. These are called stateless
applications. A stateless application treats each client request as an independent operation, and therefore it can load-balance
each request independently. Stateless applications often have read-only data or data that changes infrequently. Front-end Web
servers, virtual private networks (VPNs), File Transfer Protocol (FTP) servers, and firewall and proxy servers typically use
Network Load Balancing. Network Load Balancing clusters can also support other TCP- or UDP-based services and applications

Failover cluster overview

By using a failover cluster, you can ensure that users have nearly constant access to important server-based resources.

A failover cluster is a set of independent computers that work together to increase the availability of services and applications.

The clustered servers (called nodes) are connected by physical cables and by software. If one of the nodes fails, another node
begins to provide service through a process known as failover.

You can use the Failover Cluster Manager snap-in to validate failover cluster configurations, create and manage failover clusters,
and migrate some resource settings to a cluster running Windows Server 2008 R2 / 2012.

In Windows Server 2008, the changes to failover clusters (formerly known as server clusters) are aimed at simplifying cluster
setup and management, making the clusters more secure and stable, improving networking in clusters, and improving how
failover clusters communicate with storage.

What are failover clusters?

A failover cluster is a group of independent servers that are running Windows Server 2008 /2012 and working together to
increase the availability of services and applications.

When a failure occurs on one computer in a cluster, resources are redirected and the workload is redistributed to another
computer in the cluster. You can use failover clusters to ensure that users have nearly constant access to important server-based
resources.

What is Windows Deployment Services (WDS) ?

Windows Deployment Services enables you to deploy (install) Windows operating systems; you can use it to set up new
computers by using network-based installation, which means that you don’t have to install each operating system directly from
local installation media (CD/DVD).

How to install (WDS) using Server Manager ?

1. In Server Manager, click Manage.
2. Click Add roles and features.
3. Select Role-based or feature-based installation and choose the server to deploy WDS.
4. On the Select server roles page, select the Windows Deployment Services check box.
5. Click Next and follow the wizard to completion.

During installation, on the Select role services page, the wizard presents the option to select the role services to be installed in
Windows Deployment Services. You can choose to install the Deployment Server and Transport Server, or leave both roles
selected.

Define the terms Unicasting, Multicasting and Broadcasting?

If the message is sent from a source to a single destination node, it is called Unicasting.
If the message is sent to some subset of the other nodes, it is called Multicasting.
If the message is sent to all the nodes in the network, it is called Broadcasting.

What is a Multiplexer ?

A multiplexer (MUX) is a device allowing one or more low-speed analog or digital input signals to be selected, combined and
transmitted at a higher speed on a single shared medium or within a single shared device. Thus, several signals may share a
single device or transmission conductor such as a copper wire or fiber optic cable. A MUX functions as a multiple input, single
output switch.

In telecommunications the combined signals, analog or digital, are considered a single output higher speed signal transmitted on
several communication channels by a particular multiplex method or technique. With two input signals and one output signal,
the device is referred to as a 2-to-1 multiplexer; with four input signals it is a 4-to-1 multiplexer; etc.

Multiplexer (MUX)

For analog signals in telecommunications (and signal processing), a TDM (time division multiplexer) may select multiple
samples of separate analog signals and combine them into one PAM (pulse amplitude modulated) wide-band analog signal.

For digital signals in telecommunications on a computer network or with digital video, several variable bit-rate data streams of
input signals (using packet mode communication) may be combined, or multiplexed, into one constant bandwidth signal. With
an alternate method utilizing a TDM, a limited number of constant bit-rate data streams of input signals may be multiplexed into
one higher bit-rate data stream.

A multiplexer requires a demultiplexer to complete the process, i.e. to separate multiplex signals carried by the single shared
medium or device.

Often a multiplexer and a demultiplexer are combined into a single device (also often just called a multiplexer), allowing the
device to process both incoming and outgoing signals. Alternately, a multiplexer’s single output may be connected to a
demultiplexer’s single input over a single channel. Either method is often used as a cost-saving measure. Since most
communication systems transmit in both directions, the single combined device, or two separate devices (in the latter example),
will be needed at both ends of the transmission line.

Other types of multiplexing technologies and processes include (not a comprehensive listing):

• Inverse Multiplexing (IMUX)
• Wavelength Division Multiplexing (WDM)
• Dense Wavelength Division Multiplexing (DWDM)
• Conventional Wavelength Division Multiplexing (CWDM)
• Reconfigurable Optical Add-Drop Multiplexer (ROADM)
• Frequency Division Multiplexing (FDM)
• Orthogonal Frequency Division Multiplexing (OFDM)
• Add/Drop Multiplexing (ADM)

What is TDM ?

TDM is a digital process that can be applied when the data rate capacity of the transmission medium is greater than the data rate
required by the sending and receiving devices.

What is Synchronous STDM ?

In STDM, the multiplexer allocates exactly the same time slot to each device at all times, whether or not a device has anything to
transmit.

What are the categories of Transmission media ?

a. Guided Media
i. Twisted - Pair cable
1. Shielded TP
2. Unshielded TP
ii. Coaxial Cable
iii. Fiber-optic cable

b. Unguided Media
i. Terrestrial microwave
ii. Satellite Communication

What is Checksum ?

Checksum is used by the higher-layer protocols (TCP/IP) for error detection.

What are the two types of transmission technology available ?

(i) Broadcast and (ii) Point-to-Point

Difference between the communication and transmission ?

Transmission is the physical movement of information and concerns issues like bit polarity, synchronization, clock, etc.

Communication means the meaningful exchange of information between two communication media.

What are the possible ways of data exchange ?

(i) Simplex (ii) Half-duplex (iii) Full-duplex.

à Difference between Full duplex (FDX), Half Duplex (HDX) and Simplex

-­‐ Full Duplex : provides a connection both ways (Simultaneously)


-­‐ Half Duplex : Provides a connection both ways but not at the same time, only one direction at a time, when a device
begin receiving a signal it must wait for the transmitter to stop transmitting before replying
-­‐ Simplex : One device transmit signal and other devices just listen like TV

What is SNMP?

SNMP stands for Simple Network Management Protocol.

It is an application-layer protocol that facilitates the exchange of information between network devices.

It’s part of the TCP/IP protocol suite, and it’s used to collect information from and configure network devices such as servers,
routers, switches, and other communication devices.

In standard SNMP, one administrative computer, called the Manager, manages the network devices (Agents) using 3
commands:
- Get / Set Request
- Get / Set Response
- Trap message … a Trap is a synchronous notification from the Agent to the Manager

What is CRC?

- CRC stands for Cyclic Redundancy Check; it is 2 bytes added to the end of every Modbus message for error detection
- Every byte in the message is used to calculate the CRC; the receiving device also calculates the CRC and compares it to
the CRC from the sending device. If even one bit in the message is received incorrectly, the CRCs will be different and an
error will result
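
The error-detection check the Checksum and CRC answers above describe, worked through as an added Python example that is not from the original document: the CRC-16 used by Modbus RTU, appended low byte first by the sender and recomputed by the receiver, with a single flipped bit shown to be caught. The request frame (unit 1, function 3, start 0, count 10) is constructed for the demo.

```python
"""CRC-16 as appended to Modbus RTU frames, and the single-bit check the
text describes (added example, not from the original page).
"""


def crc16_modbus(data: bytes) -> int:
    """Bit-serial CRC-16/MODBUS: init 0xFFFF, reflected polynomial 0xA001, no final XOR."""
    crc = 0xFFFF
    for byte in data:                 # every byte of the message feeds the CRC
        crc ^= byte
        for _ in range(8):
            if crc & 1:
                crc = (crc >> 1) ^ 0xA001
            else:
                crc >>= 1
    return crc


def append_crc(payload: bytes) -> bytes:
    """Sender side: Modbus RTU transmits the 2 CRC bytes low byte first."""
    return payload + crc16_modbus(payload).to_bytes(2, "little")


def verify_frame(frame: bytes) -> bool:
    """Receiver side: recompute over everything but the last 2 bytes and compare."""
    if len(frame) < 3:
        return False
    payload, received = frame[:-2], int.from_bytes(frame[-2:], "little")
    return crc16_modbus(payload) == received


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Corrupt exactly one bit, simulating a line error, for the detection demo."""
    data = bytearray(frame)
    data[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(data)


def detects_every_single_bit_error(frame: bytes) -> bool:
    """A CRC catches all single-bit errors: flipping any one bit anywhere in the
    frame (payload or CRC field) must make verification fail."""
    return all(not verify_frame(flip_bit(frame, i)) for i in range(len(frame) * 8))


REQUEST = bytes([0x01, 0x03, 0x00, 0x00, 0x00, 0x0A])   # constructed Modbus request

if __name__ == "__main__":
    frame = append_crc(REQUEST)
    print("frame with CRC:", frame.hex(" "))
    print("valid:", verify_frame(frame))
    print("every single-bit error detected:", detects_every_single_bit_error(frame))
```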

What is Firmware ?

It’s software that is embedded in a piece of hardware.

What is Ping / ICMP Utility?

- Ping stands for Packet Internet Groper
- It’s a utility that verifies a connection between 2 hosts on the network
- The ping command uses the ICMP protocol (Internet Control Message Protocol)
- ICMP is a network-layer Internet protocol, which can report errors and status information
- The ping command sends ICMP Echo Request messages and records the receipt of ICMP Echo Reply messages
- With these 2 messages we can detect network or host communication failures and troubleshoot common
TCP/IP connectivity problems
- So, finally, Ping is a useful method to determine whether a particular IP system on the network is functional
or not!

What is RAID ?

It’s a method used to standardize and categorize fault-tolerant disk systems.

10Base-T / 100Base-T and 1000Base-T

10Base-T is the IEEE standard that defines the requirements for sending information at 10 Mbps on unshielded twisted-pair
cables.
1000Base-T is called Gigabit Ethernet.

Point-to-Point Protocol?

An industry-standard suite of protocols for using point-to-point links to transport multi-protocol datagrams.

What is the difference between Baseband and Broadband transmission?

In Baseband transmission, the entire bandwidth of the cable is consumed by a single signal.

In Broadband transmission, signals are sent on multiple frequencies, allowing multiple signals to be sent simultaneously.

What is a Network Backbone? (Pathways)

It is the part of the computer network infrastructure that interconnects different networks and provides a path for data
exchange between these networks.

What is MAC Address ?

MAC Address: Media Access Control, the physical address of a NIC (Network Interface Card) on a network. This address is
stored in the ROM (Read Only Memory) of the NIC adapter and it is a unique address.
MAC address in IPv4 is 48 bits
MAC address in IPv6 is 64 bits

Disaster recovery Planning

Back up a full system image every week to a DVD or using tape backup, in case the system crashes / fails.

What is FCS ?

Frame Check Sequence; it’s an algorithm that runs on a switch and, presumably, is used for error detection.

What is NATting ?

Network Address Translation; it allows a single real IP address to be used by the entire private local network, because of
the limited number of real IP addresses on the web.

How many reserved Ports ?

0 – 1023

What is Segmentation and Fragmentation ?

To divide data into pieces is called segmentation and to divide segments into pieces is called fragmentation.

Which Layer is called error detection layer on the OSI model ?

Data Link layer (Layer 2)

What is Encapsulation and De-encapsulation ?

To send data is called encapsulation and to receive data is called de-encapsulation.

On what basis do a Switch and a Router take decisions ?

A switch takes decisions based on the MAC address.
Routers take decisions based on the IP address.

How many collision domains are in a switch ?

Equal to the number of its ports

How many broadcast domains are in a switch ?

Just one

In which protocol do you manually enable route summarization ?

OSPF (Open Shortest Path First); it’s a link-state routing protocol.

How it works ?

If a host obtains a change to a routing table or detects a change in the network, it immediately multicasts the information
to all other hosts.

Unlike RIP (Routing Information Protocol), where the entire routing table is sent to the hosts every 30 seconds,

OSPF multicasts just the updates, and only when a change has taken place.

What is Collision ?

When signals hit each other, a collision occurs.

What is the functionality of ARP ?

Address Resolution Protocol – determining a network host’s link-layer address when its IP address is known.

What is Routing table ?

A routing table is a table maintained in the kernel that determines how packets are routed to another system. A number of
programs may add or delete routes from the routing tables, including route, ifconfig, in.routed and in.rdisc.

The routing table consists of 3 types or classes of routes :
- Host routes are checked first and define a route just to one host
- Network routes are checked second and define a route to all the hosts on one network
- Default routes are used as a catch-all, when no host or network route is found to the destination

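The three-class lookup order described above, as an added Python example that is not from the original document; the routes and gateway addresses are constructed, and where several network routes match the most specific (longest prefix) one is chosen.

```python
"""Route lookup in the order the text gives: host routes, then network routes,
then the default route (added example; every table entry is constructed).
"""
import ipaddress
from typing import Optional

Net = ipaddress.IPv4Network


class RoutingTable:
    def __init__(self) -> None:
        self.host_routes: dict = {}       # /32 destination -> gateway
        self.network_routes: dict = {}    # shorter prefixes -> gateway
        self.default: Optional[str] = None

    def add(self, destination: str, gateway: str) -> None:
        """Classify the route by its prefix length: /32 host, /0 default, else network."""
        net = ipaddress.ip_network(destination, strict=True)
        if net.prefixlen == 32:
            self.host_routes[net] = gateway
        elif net.prefixlen == 0:
            self.default = gateway
        else:
            self.network_routes[net] = gateway

    def lookup(self, address: str) -> Optional[tuple]:
        """Return (route class, gateway), or None when nothing matches."""
        ip = ipaddress.ip_address(address)
        for net, gw in self.host_routes.items():          # 1. exact host route
            if ip in net:
                return ("host", gw)
        matches = [(net, gw) for net, gw in self.network_routes.items() if ip in net]
        if matches:                                        # 2. most specific network route
            net, gw = max(matches, key=lambda m: m[0].prefixlen)
            return ("network", gw)
        if self.default is not None:                       # 3. catch-all
            return ("default", self.default)
        return None


def build_sample_table() -> RoutingTable:
    """Constructed table: one host route, two overlapping network routes and a default.
    The 192.168.1.x next hops are hypothetical gateways."""
    rt = RoutingTable()
    rt.add("10.0.0.5/32", "192.168.1.2")
    rt.add("10.0.0.0/8", "192.168.1.1")
    rt.add("10.0.0.0/24", "192.168.1.3")
    rt.add("0.0.0.0/0", "192.168.1.254")
    return rt


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("10.0.0.5", "10.0.0.77", "10.9.9.9", "8.8.8.8"):
        print(dst, "->", table.lookup(dst))
```
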
What is Routing protocol ?

A routing protocol specifies how routers communicate and exchange information with each other.
There are a lot of routing protocols:
1- EIGRP (Enhanced Interior Gateway Routing Protocol)
2- EBGP (External Border Gateway Protocol)
3- IGRP
4- OSPF
5- RIP (Routing Information Protocol)
6- Exterior Gateway Protocol (EGP)
7- ODR (On Demand Routing)

What is Data Encryption ?

Encryption is the process of modifying or changing (scrambling) the actual data into another form, so that no one can
understand it without the correct decryption key (to unscramble it), to ensure safety and security; simply, it’s a method to
protect data from unauthorized users.

What is TCP Windowing Concept ?

Windowing is a technique used by TCP as a method of controlling packets between two computers or network hosts.

How it works ?
TCP requires that all transmitted data be acknowledged by the receiving host. Window announcements are sent by the
receiving system to the transmitting system in order to acknowledge data receipt as well as to inform the transmitting
system of the current buffer size.
For example, if a window size of zero is reported, the transmitting system must wait for an acknowledgement before
sending the next packets. If the receiving system reports that the buffer size is larger than the size of a single data packet,
the transmitting system knows that it can send multiple chunks of data before waiting for an acknowledgement, until it gets
an acknowledgement from the receiving system that the buffer is full; then the sending system sends smaller packets (this
process is called windowing).

What are the different types of VPN ?

(Remote access VPN) & (Site to Site VPN)

What is ARP ?

Address Resolution Protocol; it’s a protocol for converting an IP address to its corresponding MAC address.

When you send data over the network / Internet to another host, the gateway asks ARP to find the physical host (MAC)
address that matches the IP address, and ARP looks in the ARP cache until it gets the correct destination (physical MAC
address) that matches the given IP address.

What is ifconfig ?

It’s always good to start investigating routing problems by making sure that your interfaces are set up correctly; by
running “ifconfig”, you can see your current interface setup.

What is Netstat ?

It’s a common command in TCP/IP networking; it provides information and statistics about protocols in use and current
TCP/IP network connections. NETSTAT -a is used to display all connections and listening ports.

What is Traceroute ?

Traceroute is a utility that records the route (the specific gateway computers at each hop) through the Internet between
your computer and a specific destination computer.

It also calculates and displays the amount of time each hop took.

It’s a handy tool for understanding where problems are in the Internet network and also for getting a detailed sense of
the Internet itself.

