Star/hierarchical
Computers in a star topology are connected by cables to a hub. In this topology management of
the network (such as adding and removing devices) is made much easier because of the central
point. However, because it is centralized, more cable is required.
Because most star topologies use twisted-pair cables, the initial installation of star networks is also
easier.
If one computer fails the network will continue to function, but if a hub fails all computers
connected to it will also be affected.
Star topologies are, or are becoming, the topology of choice for networks.
Bus
In bus topologies, all computers are connected to a single cable, the "trunk" or "backbone", by a
transceiver, either directly or by using a short drop cable. Both ends of the cable must be terminated,
that is, plugged into a device such as a computer or a terminator. Most bus topologies use coax
cables.
The number of computers on a bus network affects network performance: since only one
computer at a time can send data, the more computers you have on the network, the more
computers there will be waiting to send data. A line break at any point along the trunk cable will
result in total network failure.
Computers on a bus only listen for data being sent; they do not move data from one computer to
the next. This is called a passive topology.
Mesh
A mesh topology provides each device with a point-to-point connection to every other device in the
network. These are most commonly used in WANs, which connect networks over
telecommunication links. Mesh topologies use routers to determine the best path.
Mesh networks provide redundancy: in the event of a link failure, meshed networks enable data to
be routed through any other site connected to the network. Because each device has a point-to-
point connection to every other device, mesh topologies are the most expensive and difficult to
maintain.
Ring
In a ring topology network, computers are connected by a single loop of cable; the data signals
travel around the loop in one direction, passing through each computer. Ring topology is an active
topology because each computer repeats (boosts) the signal before passing it on to the next
computer.
One method of transmitting data around a ring is called token passing. The token is passed from
computer to computer until it gets to a computer that has data to send.
If there is a line break, or if you are adding or removing a device anywhere in the ring, this will
bring down the network. In an effort to provide a solution to this problem, some network
implementations (such as FDDI) support the use of a double ring. If the primary ring breaks, or a
device fails, the secondary ring can be used as a backup.
Wireless
A wireless network consists of wireless NICs and access points. NICs come in different models
including PC Card, ISA, PCI, etc. Access points act as wireless hubs to link multiple wireless NICs
into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless
network to be bridged to a traditional wired Ethernet network, such as the organization’s network
infrastructure. Wireless and wired devices can coexist on the same network.
Specify the main features, including speed, access method, topology, and media of:
802.3 (Ethernet) Carrier Sense Multiple Access with Collision Detection (CSMA/CD) LAN Ethernet
A type of media access control. With CSMA/CD, a computer listens to the network to determine
whether another computer is transmitting a data frame. If no other computer is transmitting, the
computer can then send its data. The computer listening for a data signal before sending is the
carrier sense part. Multiple access means there are multiple computers trying to access or
send data on the network at the same time. Collision detection indicates that the computers are
also listening for collisions: if two computers try to send data at the same time and a collision
occurs, they must wait a random period of time before transmitting again.
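As an added illustration (not code from the original guide), the following Python simulation models the three parts of CSMA/CD on one bus segment: stations sense the carrier and defer while a frame is on the wire, several stations may start transmitting in the same idle slot (multiple access), and when they do the collision is detected and each waits a random backoff before retrying. The backoff parameters (a wait of 0 to 2^min(n,10) - 1 slot times after the n-th consecutive collision, and a frame dropped after 16 attempts) are taken from the 802.3 standard and are an assumption beyond what the text states; the station frame counts fed to the simulation are constructed input.

```python
import random

# Truncated binary exponential backoff parameters as used by 802.3 CSMA/CD
# (assumed from the standard; the study text only says "a random period of time").
MAX_ATTEMPTS = 16   # frame is dropped after this many collisions
BACKOFF_CAP = 10    # the backoff range stops doubling after 10 collisions


def backoff_slots(collisions, rng):
    """Random backoff, in slot times, after `collisions` consecutive collisions."""
    return rng.randrange(2 ** min(collisions, BACKOFF_CAP))


def simulate_csma_cd(frames_per_station, frame_slots=4, seed=1):
    """Simulate stations sharing one bus, one slot time per loop iteration.

    frames_per_station: number of frames each station wants to send (constructed input).
    frame_slots: how many slot times one successful frame occupies the medium.
    Returns (slots_used, collisions, delivered), where delivered lists the
    station index of each frame that got through, in order of delivery.
    """
    rng = random.Random(seed)            # seeded so a run is reproducible
    pending = list(frames_per_station)   # frames still to send, per station
    wait = [0] * len(pending)            # backoff slots remaining, per station
    attempts = [0] * len(pending)        # consecutive collisions, per station
    delivered, collisions = [], 0
    slot, busy_until = 0, 0
    while any(pending):
        slot += 1
        # stations whose backoff has expired and that still have a frame to send
        ready = [i for i, n in enumerate(pending) if n > 0 and wait[i] == 0]
        for i in range(len(pending)):
            if wait[i] > 0:
                wait[i] -= 1             # backoff timers run every slot
        # carrier sense: while a frame is on the wire everyone defers
        if slot <= busy_until or not ready:
            continue
        if len(ready) == 1:
            # medium idle and a single transmitter: the frame goes through
            i = ready[0]
            pending[i] -= 1
            attempts[i] = 0
            delivered.append(i)
            busy_until = slot + frame_slots - 1
            continue
        # two or more stations started in the same idle slot: collision detected;
        # each backs off for a random number of slots before trying again
        collisions += 1
        for i in ready:
            attempts[i] += 1
            if attempts[i] >= MAX_ATTEMPTS:
                pending[i] -= 1          # give up on this frame
                attempts[i] = 0
            else:
                wait[i] = backoff_slots(attempts[i], rng)
    return max(slot, busy_until), collisions, delivered
```

With a single station there are never collisions and the medium is used back to back; with two stations that both have a frame ready in slot 1 the first slot is always a collision, after which the random backoff separates them, so the slot count grows with the number of collisions.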
Ethernet
100Base-FX
Cable type: Fiber-optic, two strands of multimode 62.5/125 fiber
Maximum length: 412 meters (half-duplex); 2000 m (full-duplex)
Speed: 100 Mbps (200 Mb/s in full-duplex mode)
Topology: Star (often only point-to-point)
The IEEE 802.5 Token Ring standards define services for the OSI physical layer and the MAC
sublayer of the data link layer. Token Ring computers are situated on a continuous network loop. A
Token Ring controls access to the network by passing a token from one computer to the next.
Before they can transmit data, computers must wait for a free token; thus token passing does not
allow two or more computers to begin transmitting at the same time.
Token Ring
Media: Twisted-pair (various types)
MAC method: Token passing
Signal propagation method: Forwarded from device to device (or port to port on a hub) in a closed loop
Speed: 4 Mbps or 16 Mbps
Topologies: Ring; Star (using Token Ring repeater hubs)
Maximum connections: 255 nodes per segment
802.11b (wireless)
802.11b is a wireless Ethernet technology operating at 11 Mbps. 802.11b devices use Direct Sequence
Spread Spectrum (DSSS) radio technology operating in the 2.4 GHz frequency band.
An 802.11b wireless network consists of wireless NICs and access points. Access points act as
wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least
one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet
network. Wireless and wired devices can coexist on the same network.
802.11b devices can communicate across a maximum range of 50-300 feet from each other.
Fiber Distributed Data Interface shares many of the same features as Token Ring, such as token
passing and the continuous network loop configuration. But FDDI has better fault tolerance
because of its use of a dual, counter-rotating ring that enables the ring to reconfigure itself in case
of a link failure. FDDI also has higher transfer speeds: 100 Mbps for FDDI, compared to 4-16
Mbps for Token Ring.
Unlike Token Ring, which uses a star topology, FDDI uses a physical ring. Each device in the ring
attaches to the adjacent device using a two-stranded fiber optic cable. Data travels in one direction
on the outer strand and in the other direction on the inner strand. When all devices attached to the
dual ring are functioning properly, data travels on only one ring. FDDI transmits data on the
second ring only in the event of a link failure.
Media: Fiber-optic
MAC method: Token passing
Signal propagation method: Forwarded from device to device (or port to port on a hub) in a closed loop
Speed: 100 Mbps
Topologies: Double ring; Star
Maximum connections: 500 nodes
Specify the characteristics (e.g., speed, length, topology, cable type, etc.) of the
following 802.3 (Ethernet) standards:
100Base-FX
Cable type: Fiber-optic
Maximum length: 412 meters (half-duplex); 2000 m (full-duplex)
Speed: 100 Mbps (200 Mb/s in full-duplex mode)
Topology: Star (often only point-to-point)
RJ-45
AUI
A thicknet network connection uses a 15-pin attachment unit interface (AUI)
to connect the 15-pin DB-15 connector on the back of the network adapter card
to an external transceiver (shown left). The transceiver for thicknet Ethernet
includes a vampire tap (shown on top of the transceiver) which pierces the
thicknet cable to make the network connection. A drop cable connects the
transceiver to the network card.
BNC
ST / SC
Fiber network segments always require two fiber cables: one for transmitting data, and one for
receiving. Each end of a fiber cable is fitted with a plug that can be inserted into a network
adapter, hub, or switch. In North America, most cables use a square SC connector that slides
and locks into place when inserted into a node or connected to another fiber cable; Europeans use
a round ST connector instead.
Both connectors offer the same features as far as distance and reliability. Connectors of different
types can communicate with the use of adapters or couplers, but it is best to choose one type of
connector and stick with it over your entire network.
Round ST connector, used with fiber optic cabling.
Square SC connector, used with fiber optic cabling.
Twisted-pair
Twisted-pair cabling comes in two basic types: shielded and unshielded. Unshielded twisted-pair
cable (UTP) is the most widely used in medium size LANs. UTP is easy to work with and
inexpensive. Shielded twisted-pair (STP) cable protects signals from crosstalk (cross signaling) that
can result from other, nearby cables. STP allows higher data transmission speeds and larger networks.
Networks that use twisted-pair cabling include Token Ring, Ethernet, and Fast Ethernet networks.
Describe the purpose, features, and functions of the following network components:
Hubs
A hub is a component that provides a common connection point for computers, printers, and other
network devices in a star topology network, allowing them to be managed from a central location.
Hubs also allow you to connect and disconnect an individual computer or device without disrupting
the network. Hubs operate at the physical layer of the OSI Model.
There are two basic types of hubs, passive and active.
Passive hubs simply provide a junction point to send the data signal on to other devices on the
network.
Active hubs regenerate and retransmit the data signal; because they repeat the signal, they can
increase the diameter of the network. In an Ethernet hub the signal is regenerated to all devices at
the same time, while a Token Ring hub will only regenerate the signal to the next
device in line. You can tell if a hub is active because it requires electricity.
Because they act like repeaters, active hubs are sometimes called multiport repeaters.
Switches
Switches are a special type of hub that offers an additional layer of intelligence to basic, physical-
layer, repeater hubs. A switch must be able to read the MAC address of each frame it receives. This
information allows switches to repeat incoming data frames only to the computer or computers to
which a frame is addressed. This speeds up the network and reduces congestion.
Switches operate at both the physical layer and the data link layer of the OSI Model.
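To make the forwarding decision concrete, here is an added Python example of a learning switch; it is not code from the original guide, and the MAC addresses it uses are constructed samples from the 00:00:5e:00:53:xx documentation range. It shows the behaviour the text describes: the switch learns which port each source MAC is attached to, repeats a frame for a known unicast destination only to that port, and falls back to flooding, as a hub would, when the destination is unknown, broadcast or multicast. The same table logic is what a bridge uses to decide which segment a frame is repeated onto, or whether it stays on the segment it came from.

```python
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    """The two data-link header fields a switch looks at (sample frames are constructed)."""
    src_mac: str
    dst_mac: str


def is_group_address(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 0x01 == 1


class LearningSwitch:
    """A transparent learning switch (the same logic a learning bridge uses).

    Each received frame's source MAC is recorded against the ingress port.
    Unicast frames to a known MAC go out only the learned port; frames to
    unknown, broadcast or multicast addresses are flooded to all other ports.
    """

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # MAC address -> port number

    def receive(self, frame, ingress):
        """Return the list of ports the frame is repeated to."""
        src, dst = frame.src_mac.lower(), frame.dst_mac.lower()
        if not is_group_address(src):
            self.table[src] = ingress          # learn (or refresh) the sender's port
        if is_group_address(dst) or dst not in self.table:
            return [p for p in self.ports if p != ingress]   # flood like a hub
        out = self.table[dst]
        if out == ingress:
            return []     # destination is on the ingress segment: filter the frame
        return [out]      # forward only to the destination's port


def demo():
    """Three frames between two hosts: flood, then learned, then learned."""
    sw = LearningSwitch([1, 2, 3])
    a, b = "00:00:5e:00:53:01", "00:00:5e:00:53:02"   # constructed sample MACs
    return [sw.receive(Frame(a, b), 1),   # b unknown yet: flooded to ports 2 and 3
            sw.receive(Frame(b, a), 2),   # a was learned on port 1: sent only there
            sw.receive(Frame(a, b), 1)]   # b now learned on port 2: sent only there
```

The first frame is flooded because nothing is known about the destination yet; once both hosts have spoken, every later frame between them leaves on exactly one port, which is the congestion reduction the text describes.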
Bridges
A bridge is used to join two network segments together; it allows computers on either segment to
access resources on the other. Bridges can also be used to divide large networks into smaller
segments. Bridges have all the features of repeaters but can have more nodes, and since the
network is divided, there are fewer computers competing for resources on each segment, thus
improving network performance.
Bridges can also connect networks that run at different speeds, different topologies, or different
protocols. But they cannot join an Ethernet segment with a Token Ring segment, because these
use different networking standards.
Bridges operate at both the Physical Layer and the MAC sublayer of the Data Link layer. Bridges
read the MAC header of each frame to determine on which side of the bridge the destination device
is located; the bridge then repeats the transmission to the segment where the device is located.
Routers
A router is a device used to connect networks of different types, such as those using different
topologies and protocols. Routers can operate at the first three layers of the OSI Model. This means
they can switch and route packets across multiple networks. Routers determine the best path for
sending data.
You can use routers to segment a large network, and to connect local area segments to a single
network backbone that uses a different physical layer and data link layer standard. They can also
be used to connect LANs to WANs.
Brouters are a combination bridge and router in one device. Brouters are more cost effective
because the bridge and router are combined in one unit.
Gateways
A gateway is a device used to connect networks using different protocols. Gateways operate at the
network layer of the OSI model.
In order to communicate with a host on another network, an IP host must be configured with a
route to the destination network. If a configured route is not found, the host uses the gateway
(default IP router) to transmit the traffic to the destination host. The default gateway is where
IP sends packets that are destined for remote networks. If no default gateway is specified,
communication is limited to the local network.
A gateway receives data from a network using one type of protocol stack, removes that protocol
stack and repackages the data with the protocol stack that the other network can use.
CSU/DSUs
A CSU/DSU is a device that combines the functionality of a channel service unit (CSU) and a data
service unit (DSU). These devices are used to connect a LAN to a WAN, and they take care of all
the translation required to convert a data stream between these two methods of communication.
A DSU provides all the handshaking and error correction required to maintain a connection across a
wide area link, similar to a modem. The DSU will accept a serial data stream from a device on the
LAN and translate this into a useable data stream for the digital WAN network. It will also take care
of converting any inbound data streams from the WAN back to a serial communication.
A CSU is similar to a DSU except it does not have the ability to provide handshaking or error
correction. It is strictly an interface between the LAN and the WAN and relies on some other device
to provide handshaking and error correction.
ISDN
Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over
standard telephone cabling. ISDN adapters must be connected directly to a digital telephone
network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the
digital ISDN signal.
Like standard modems, ISDN adapters are available both as internal devices that connect directly
to a computer's expansion bus and as external devices that connect to one of a computer's serial
or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps (using a T1
carrier service).
ISDN hardware requires an NT (network termination) device, which converts network data signals
into the signaling protocols used by ISDN. Sometimes the NT interface is included, or integrated,
with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the
adapter or router must be implemented.
ISDN works at the physical, data link, network, and transport layers of the OSI Model.
Modems
A modem is a device that makes it possible for computers to communicate over telephone lines.
The word modem comes from Modulate and Demodulate. Because standard telephone lines use
analog signals and computers use digital signals, a sending modem must modulate its digital signals
into analog signals. The modem on the receiving computer must then demodulate the analog
signals into digital signals.
Modems can be external, connected to the computer's serial port by an RS-232 cable, or internal, in
one of the computer's expansion slots. Modems connect to the phone line using standard telephone
RJ-11 connectors.
Every device on the network must have a unique MAC address to ensure proper receiving and
transmission of data. The MAC address is a device's actual physical address, which is usually
designated by the manufacturer of the device.
Medium Access Control sublayer operations
The purpose of the MAC sublayer is to determine when each frame should be passed on to the
physical layer to be transmitted as a data signal over the network. The MAC sublayer governs
which devices have permission to transmit data over the network and when. There are four basic
methods for controlling access to the network: polling, contention, token passing, and switching.
Identify the seven layers of the OSI model and describe their functions.
The Open Systems Interconnection (OSI) Reference Model is a modular framework for developing
standards that are based on a division of network operations into seven sets of network services.
Data travels from the sending computer down through all the layers to the physical layer, where the
data is put onto the network cabling, and then sent to the physical layer of the receiving computer,
where the process reverses and the data travels up through the layers to the application layer of
the receiving computer.
Layer Description Devices Protocols
TCP/IP
Transmission Control Protocol is a connection-based Internet protocol responsible for breaking data
into packets, which the IP protocol sends over the network. IP is located at the TCP/IP Internet
layer, which corresponds to the network layer of the OSI Model. IP is responsible for routing packets
by their IP address.
IP is a connectionless protocol, which means IP does not establish a connection between source
and destination before transmitting data; thus packet delivery is not guaranteed by IP. Instead,
this must be provided by TCP. TCP is a connection-based protocol and is designed to guarantee
delivery by monitoring the connection between source and destination before data is transmitted.
TCP places packets in sequential order and requires acknowledgment from the receiving node that
they arrived properly before any new data is sent.
IPX/SPX
Internetwork Packet Exchange/Sequenced Packet Exchange was developed by Novell and is used
primarily on networks that use the Novell NetWare network operating system. The IPX and SPX
protocols provide services similar to those offered by IP and TCP. Like IP, IPX is a connectionless
network layer protocol. SPX runs on top of IPX at the transport layer and, like TCP, provides
connection-oriented, guaranteed delivery.
IPX nodes do not have to be configured with a unique node identifier; instead, they copy the MAC
address of the network interface card into the IPX node address field. The IPX header contains
information about which transport layer protocol receives a particular packet. With IPX, this
information is contained in the destination socket field. Servers have prespecified destination
socket numbers, so workstations always know what value to use to send information to the server.
In contrast, workstations assign source socket numbers dynamically for their own protocols
outside the server socket number range.
IPX routing protocols require each logical network to have a different network number in order to
forward IPX packets correctly. But, unlike IP, with IPX only servers and routers must be configured
with a network number. New network stations first use dynamic Routing Information Protocol (RIP)
routing packets to learn the network topology and configuration from servers and routers, and then
configure themselves accordingly.
Because IPX is a connectionless protocol, NetWare servers are unable to tell if a station's
connection to the server is currently active. To avoid reserving resources for inactive users, the
NetWare server sends a watchdog packet to a client after a predetermined length of inactivity. The
packet asks if the client is still connected and, if the client does not respond, the server terminates
the connection.
SPX is connection oriented and, thus, does not require the use of watchdog packets. However,
network devices will keep an SPX session open by sending keep alive packets to verify the
connection.
NetBEUI
NetBIOS Enhanced User Interface was designed as a small, efficient protocol for use in
department-sized LANs of 20-200 computers that do not need to be routed to other subnets.
NetBEUI is used almost exclusively on small, non-routed networks.
As an extension of NetBIOS, NetBEUI is not routable; therefore networks supporting NetBEUI must
be connected with bridges rather than routers. Like NetBIOS, the NetBEUI interface must be
adapted to routable protocols like TCP/IP for communication over WANs.
AppleTalk
AppleTalk is a LAN architecture built into all Apple Macintosh computers. While AppleTalk is a
proprietary network, many companies now market AppleTalk-based products, including Novell and
Microsoft. Designed to be link layer independent, AppleTalk supports Apple's LocalTalk
cabling scheme, but also runs over Ethernet (EtherTalk), Token Ring (TokenTalk), and Fiber
Distributed Data Interface, or FDDI (FDDITalk).
AppleTalk node addresses are assigned dynamically to ensure minimal network administration
overhead. When a node running AppleTalk starts up, it generates a random network layer protocol
address and then sends out a broadcast to determine whether that particular address is already in
use. If it is, the node with the conflicting address responds, and the broadcasting node selects a
new address and repeats the inquiry process.
Identify the OSI layers at which the following network components operate: hubs,
switches, bridges, routers, and network interface cards
Layer Devices
Application Gateway
Session Gateway
Transport Gateway
Define the purpose and function of the following protocols within TCP/IP:
IP
Internet Protocol is the standard for data packet delivery over the Internet. IP is a network layer
protocol that provides network addressing for identifying senders and receivers. IP also defines
how data packets can be routed across the network to their destinations.
Routers forward each packet across the Internet based on its destination IP address. Each device
attached to the Internet or any IP network must have a unique IP address.
TCP
Transmission Control Protocol, A connection-based Internet protocol responsible for breaking data
into packets, which the IP protocol sends over the network. This protocol provides a reliable,
sequenced communication stream for network communication.
UDP
User Datagram Protocol runs on top of IP and is used as an alternative to TCP. UDP does not,
however, provide any error checking for guaranteeing packet delivery. Because UDP is not as
complex as TCP, it is also faster. It is often used for broadcast messages and for streaming audio
and video. UDP is a connectionless transport protocol.
FTP
File Transfer Protocol is used for exchanging files in a TCP/IP environment and is implemented at
the application layer of the OSI model.
TFTP
Trivial File Transfer Protocol is a file transfer protocol that transfers files to and from a remote
computer running the TFTP service. TFTP was designed with fewer functions than FTP.
SMTP
Simple Mail Transfer Protocol is used to transfer messages between two remote computers. It is
used on the Internet, and is part of the TCP/IP protocol stack.
HTTP
Hypertext Transfer Protocol is the underlying protocol for the World Wide Web. HTTP defines how
all resources on the web are transferred and what action web servers and browsers should take in
response to commands.
HTTP is a "stateless" protocol, meaning each command is executed independently, without any
knowledge of the commands that came before it.
HTTPS
The secure hypertext transfer protocol is a communications protocol designed to transfer encrypted
information between computers over the World Wide Web. HTTPS is HTTP using a Secure Socket
Layer (SSL). A secure socket layer is an encryption protocol invoked on a Web server that uses
HTTPS. Most implementations of the HTTPS protocol involve online purchasing or the exchange of
private information. Accessing a secure server often requires some sort of registration, login, or
purchase. The successful use of the HTTPS protocol requires a secure server to handle the request.
POP3/IMAP4
Post Office Protocol is used to retrieve e-mail from a mail server. Most e-mail applications use the
POP protocol, although some use the newer IMAP (Internet Message Access Protocol).
The older POP2 requires SMTP to send messages, while POP3 can be used with or without SMTP.
Telnet
Short for Telecommunication Network, a virtual terminal protocol allowing a user logged on to one
TCP/IP host to access other hosts on the network.
ICMP
Internet Control Message Protocol is a maintenance protocol in the TCP/IP suite, required in every
TCP/IP implementation, that allows two nodes on an IP network to share IP status and error
information. ICMP is used by the ping utility to determine the reachability of a remote system.
ARP
Address Resolution Protocol is a TCP/IP protocol used to convert an IP address into a physical
address, such as an Ethernet address. A host wishing to obtain a physical address broadcasts an
ARP request onto the TCP/IP network. The host on the network that has the IP address in the
request then replies with its physical hardware address.
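As an added worked example (not part of the original text), the following Python code builds and parses the 28-byte ARP body used on Ethernet/IPv4, answers a request the way a host would (only when the target IP is its own), and keeps an IP-to-MAC cache that reports when an IP address turns up with a different hardware address, which is the kind of change a network operator wants logged and reviewed. The packet layout follows RFC 826, which the text does not cite; the addresses used are constructed samples from the 192.0.2.0/24 and 00:00:5e:00:53:xx documentation ranges.

```python
import ipaddress
import struct

# RFC 826 ARP body for Ethernet (hardware type 1) carrying IPv4 (protocol type 0x0800):
# htype, ptype, hlen, plen, oper, sender MAC, sender IP, target MAC, target IP = 28 bytes.
# The Ethernet header in front of it is not modelled here.
ARP_FORMAT = "!HHBBH6s4s6s4s"
ARP_LEN = struct.calcsize(ARP_FORMAT)
ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"   # target MAC in a request is unknown, hence zero


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    """Serialize an ARP request or reply body."""
    return struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, oper,
                       mac_to_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                       mac_to_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)


def parse_arp(payload):
    """Decode an ARP body, rejecting anything that is not Ethernet/IPv4 ARP."""
    if len(payload) < ARP_LEN:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FORMAT, payload[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"oper": oper,
            "sender_mac": bytes_to_mac(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": bytes_to_mac(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}


def answer_request(payload, my_mac, my_ip):
    """What a host does with a broadcast ARP request: reply with its own MAC
    only if the target IP is its own; otherwise return None (stay silent)."""
    req = parse_arp(payload)
    if req["oper"] != ARP_REQUEST or req["target_ip"] != my_ip:
        return None
    # the reply is unicast back to the asker, so its addresses become the target
    return build_arp(ARP_REPLY, my_mac, my_ip, req["sender_mac"], req["sender_ip"])


def record_reply(payload, cache):
    """Update an IP -> MAC cache from a reply. Returns None when the mapping is
    new or unchanged, or a message when the IP was previously bound to another
    MAC, a change worth logging (hardware replaced, or an address conflict)."""
    rep = parse_arp(payload)
    if rep["oper"] != ARP_REPLY:
        return None
    old = cache.get(rep["sender_ip"])
    cache[rep["sender_ip"]] = rep["sender_mac"]
    if old is not None and old != rep["sender_mac"]:
        return f"{rep['sender_ip']} changed from {old} to {rep['sender_mac']}"
    return None
```

A host that owns 192.0.2.1 answers a request for that address with its MAC in the sender field; a host with any other address returns None and sends nothing, which is why only one reply comes back for each broadcast.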
NTP
The Network Time Protocol is used to synchronize the time of a computer client or server to
another server or reference time source, such as a radio or satellite receiver or modem. It provides
accuracies typically within a millisecond on LANs and up to a few tens of milliseconds on WANs.
All upper layer applications that use TCP or UDP have a port number that identifies the application.
This enables the port number to identify the type of service that one TCP system is requesting from
another.
Some commonly used ports
Port Number Service
80 HTTP
21 FTP
110 POP3
25 SMTP
23 Telnet
Protocols and Standards Part 2
2.7 Given a network implementation scenario, select the appropriate network service
(e.g., DHCP/bootp, DNS, NAT/ICS, WINS, and SNMP).
DHCP/bootp
Dynamic Host Configuration Protocol is a server service. When a DHCP server is configured on a
network, clients that support DHCP can request TCP/IP configuration information from the server.
This makes configuration of TCP/IP much easier on the client computer.
For example the following can be automatically obtained:
• The IP address
• The subnet mask
• Default Gateway
All these settings are automatically bound to the network card of the client computer. It is possible
for DHCP to assign a different IP address to a client each time the machine logs on to the network.
A DHCP/BOOTP relay agent is hardware or software that passes DHCP/BOOTP packets from one
subnet to another. If the routers that connect the subnets are RFC 1542 compliant routers,
the DHCP/BOOTP relay agent can provide IP addresses to clients in multiple subnets. If the router
cannot function as a relay agent, each subnet that has DHCP clients requires its own DHCP server.
DNS
Domain Name System enables short alphabetical names to be assigned to IP addresses to
describe where a computer is located. For example, instead of trying to remember an IP address
composed of numbers, such as 198.46.8.34, with DNS you could type HTTP://www.microsoft.com.
NAT
Network Address Translation is a process that lets an entire network connect to a PPP server and
appear as a single IP address, thus helping to conceal IP addresses from external hackers and to
alleviate address space shortage.
WINS
While DNS resolves host names to IP addresses, WINS resolves NetBIOS names to IP addresses.
Windows Internet Name Service provides a dynamic database of IP address to NetBIOS name
resolution mappings.
WINS determines the IP address associated with a particular network computer. This is called
name resolution. WINS supports network client and server computers running Windows.
WINS uses a distributed database that is automatically updated with the names of computers
currently available and the IP address assigned to each one.
DNS is an alternative for name resolution suitable for network computers with fixed IP addresses.
SNMP
Simple Network Management Protocol is a TCP/IP protocol for monitoring networks and network
components. SNMP uses small utility programs called agents to monitor behavior and traffic on the
network, in order to gather statistical data.
These agents can be loaded onto managed devices such as hubs, NICs, servers, routers, and
bridges. The gathered data is stored in a MIB (management information base).
To collect the information in a usable form, a management program console polls these agents and
downloads the information from their MIBs, which then can be displayed as graphs and charts and
sent to a database program to be analyzed.
2.8 Identify IP addresses (IPv4 IPv6) and their default subnet masks.
An IP address is a 32-bit number comprised of a host number and a network prefix, both of which
are used to uniquely identify each node within a network. A shortage of available IP addresses has
prompted the creation of an addressing scheme known as Classless Inter-Domain Routing (CIDR).
Among other capabilities, CIDR allows one IP address to designate many unique IP addresses within
a network. In addition, the current version of the IP address, IPv4, is being upgraded to IPv6. The
latter uses a 128-bit address, allowing for 2^128 total IP addresses, as opposed to IPv4's 2^32.
IPv4 A, B, and C classes of IP addresses and their default subnet mask numbers
To accommodate different size networks, IP defines several address classes. Classes A, B, and C
are used for host addressing, and the only difference between the classes is the length of the
NET_ID subfield:
Class A - addresses are intended for very large networks and can address up to 16,777,216 (2^24)
hosts per network. The first octet of a Class A address will be a number between 1 and 126, the
network ID start bit is 0 and the default subnet mask is 255.0.0.0
Class B - addresses are intended for moderate sized networks and can address up to 65,536 (2^16)
hosts per network. The first octet of a Class B address will be a number between 128 and 191, the
network ID start bits are 10 and the default subnet mask is 255.255.0.0
Class C - addresses are intended for small networks and can address only up to 254 (2^8 - 2) hosts
per network. The first octet of a Class C address will be a number between 192 and 223, the
network ID start bits are 110 and the default subnet mask is 255.255.255.0
Default Gateways
A gateway is a device used to connect networks using different protocols. Gateways operate at the
network layer of the OSI model.
In order to communicate with a host on another network, an IP host must be configured with a
route to the destination network. If a configured route is not found, the host uses the gateway to
transmit the traffic to the destination host. The default gateway is where IP sends packets that
are destined for remote networks. If no default gateway is specified, communication is limited to
the local network.
A gateway receives data from a network using one type of protocol stack, removes that protocol
stack and repackages the data with the protocol stack that the other network can use.
Subnetworks
A subnet mask is used to mask a portion of the IP address, so that TCP/IP can tell the difference
between the network ID and the host ID. TCP/IP uses the subnet mask to determine whether the
destination is on a local or remote network.
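The classful rules, the default gateway decision and the subnet mask described above can be tied together in code. The following Python example is added here and is not from the original guide: it classifies an address by the leading bits of its first octet as the text describes, returns that class's default mask, splits an address into network ID and host ID with a mask, writes the network in CIDR notation, and makes the local-or-remote decision a host makes before handing a packet to its default gateway. Host counts subtract the network and broadcast addresses, as the class C figure (2^8 - 2) does. The addresses used in the check are constructed samples.

```python
import ipaddress

# Default masks for the classful ranges described in the text
DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def address_class(ip):
    """Classify by the leading bits of the first octet, as the text describes:
    0... -> A (first octet 1-126), 10.. -> B (128-191), 110. -> C (192-223).
    Returns None for anything else (0, the 127 loopback block, class D, class E)."""
    first = int(ipaddress.IPv4Address(ip)) >> 24
    if first >> 7 == 0b0 and 1 <= first <= 126:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    return None


def default_mask(ip):
    """Default subnet mask for the address's class, or None if it has no class A/B/C."""
    return DEFAULT_MASKS.get(address_class(ip))


def split_address(ip, mask):
    """Apply the mask: return (network ID, host ID) as dotted quads."""
    addr = int(ipaddress.IPv4Address(ip))
    m = int(ipaddress.IPv4Address(mask))
    return (str(ipaddress.IPv4Address(addr & m)),
            str(ipaddress.IPv4Address(addr & ~m & 0xFFFFFFFF)))


def usable_hosts(mask):
    """2^host_bits minus the network and broadcast addresses (the class C arithmetic in the text)."""
    host_bits = 32 - bin(int(ipaddress.IPv4Address(mask))).count("1")
    return 2 ** host_bits - 2


def cidr_network(ip, mask):
    """The same network written in CIDR prefix notation, e.g. 192.168.1.0/24."""
    return str(ipaddress.IPv4Network(f"{ip}/{mask}", strict=False))


def next_hop(src_ip, mask, dst_ip, default_gateway=None):
    """The local-or-remote decision a host makes for each packet: a destination
    on the same network is delivered directly; anything else goes to the default
    gateway, and with no gateway configured it is unreachable."""
    network = ipaddress.IPv4Network(f"{src_ip}/{mask}", strict=False)
    if ipaddress.IPv4Address(dst_ip) in network:
        return "direct"
    if default_gateway is None:
        return "unreachable"
    return default_gateway
```

Note that the decision depends only on the sender's own address and mask: a wrong mask on one host makes it treat neighbours as remote (sending them via the gateway) or remote hosts as local (where no reply ever comes), which is the classic symptom to check when a single machine cannot reach part of the network.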
2.10 Identify the basic characteristics (e.g., speed, capacity, media) of the following
WAN technologies:
ATM
To transmit data, Asynchronous Transfer Mode uses fixed-size packets 53 bytes long, called cells,
and provides data transfer rates from 25 Mbps to 2400 Mbps. ATM can be used with twisted pair
and fiber optic cabling.
By using standard sized cells, ATM can provide constant, high-speed data streams that audio,
video, and imaging applications require.
Frame Relay
Frame Relay is a WAN technology; connection speeds range from 56 Kbps to 1.544 Mbps using a
T1 carrier service, and up to 45 Mbps using a T3 carrier service. Frame Relay is a packet-
switched networking protocol.
To connect two or more LANs using Frame Relay, a company must lease one dedicated access line
to the Frame Relay network for each LAN. Frame Relay access lines often use a T1/ E1 line.
Sonet/SDH
Synchronous Optical Network is a standard for optical telecommunications transport. It was
formulated by the ECSA for ANSI, which sets industry standards in the United States for
telecommunications and other industries. The comprehensive SONET/synchronous digital hierarchy
(SDH) standard is expected to provide the transport infrastructure for worldwide
telecommunications for at least the next two or three decades.
T1/E1
A 1.544 Mbps point-to-point, dedicated, digital circuit provided by the telephone companies. T1
lines are widely used for private networks as well as for interconnections between an organization's
LAN and the telco.
A T1 line uses two pairs of wire, one to transmit and one to receive, and time division multiplexing
(TDM) to interleave twenty-four 64 Kbps voice or data channels. The standard T1 frame is 193 bits
long: twenty-four 8-bit samples (one per channel) plus one framing bit, with 8,000 frames
transmitted per second (193 x 8,000 = 1,544,000 bps). T1 is not restricted to digital voice or to
64 Kbps data streams; channels may be combined and the total 1.544 Mbps capacity can be broken
up as required.
T3/E3
A T3 line is a high-speed connection capable of transmitting data at a rate of 45 Mbps (the
equivalent of 28 T1 lines). A T3 line represents a bandwidth equal to about 672 voice-grade
telephone lines, which is wide enough to carry real-time video and very large databases over a busy
network. T3 lines are typically installed as major networking arteries for large corporations,
universities with high-volume network traffic, and the backbones of the major Internet service
providers.
OC
Optical Carrier designations specify the speed of fiber-optic links that conform to the SONET
standard. OC-n runs at n times the OC-1 rate.
Level Speed
OC-1 51.84 Mbps
2.11 Define the function of the following remote access protocols and services:
RAS
Remote Access Service. A service that provides remote networking for telecommuters, mobile
workers, and system administrators who monitor and manage servers at multiple branch offices.
Users with RAS can dial in to access their networks remotely for services such as file and printer
sharing, electronic mail, scheduling, and SQL database access.
PPP
Point-to-Point Protocol carries IP (and other network protocols) over serial lines, including modem
connections. PPP software needs only a destination address (usually a phone number for a modem
connection) and a user login in order to negotiate a complete configuration for each session.
VPN
Virtual private network. A private network carried across a public network such as the Internet by
tunneling (for example with PPTP, see 2.12), so that a remote LAN can be reached as if it were local.
2.12 Identify the following security protocols and describe their purpose and function:
IPsec
IP Security is a set of protocols used to support the secure exchange of packets at the IP layer.
IPsec supports two modes: Transport and Tunnel. Transport mode protects only the data portion of
each packet and leaves the original IP header in the clear; it is used between end hosts. Tunnel
mode wraps the entire original packet, header and data, inside a new IP packet with its own
header, so the original addresses are hidden as well; it is the mode used between security
gateways (site-to-site VPNs) and is generally considered the more secure of the two.
For IPsec to work, the sending and receiving devices must agree on keys and algorithms (a security
association). This is negotiated through the Internet Security Association and Key Management
Protocol/Oakley (the basis of IKE), which derives shared session keys and authenticates the peers,
typically with digital certificates or a pre-shared key.
L2TP
Layer Two Tunneling Protocol, an extension to the PPP protocol that enables ISPs to operate Virtual
Private Networks. L2TP combines the best features of two other tunneling protocols: PPTP from
Microsoft and L2F from Cisco Systems.
PPTP
PPTP is a networking technology that supports multiprotocol virtual private networks, enabling
remote users to access networks across the Internet by dialing into an ISP or by connecting
directly to the Internet. Its authentication (MS-CHAP) and encryption (MPPE) have well-known
weaknesses, so it is no longer considered secure where IPsec or a TLS-based VPN is available.
SSL
Secure Sockets Layer is a protocol that supplies secure data communication through data
encryption and decryption. SSL provides communications privacy over networks by using a
combination of public-key cryptography (to authenticate the server and agree on keys) and bulk
symmetric encryption of the data. It has since been superseded by Transport Layer Security (TLS),
which works on the same principle.
Kerberos
An authentication system designed to let two parties prove their identities to each other across an
open network without sending passwords over it. A trusted Key Distribution Center issues each
user that logs on a ticket, encrypted under the target service's secret key. The client presents the
ticket with its requests, and the service decrypts it to verify who sent the message.
VoIP
Voice over IP is the ability to make telephone calls and send faxes over IP-based data networks
with a suitable quality of service (QoS) and a superior cost/benefit ratio.
Network Implementation
3.1 Describe the basic capabilities (i.e., client support, interoperability, authentication,
file and print services, application support, and security) of the following server
operating systems:
UNIX/Linux
Interoperability
Open source software such as SAMBA is used to provide Windows users with Server Message Block
(SMB) file sharing.
Authentication
Centralized login authentication
File and Print Services
Network File System (NFS) is a distributed file system that allows users to access files and
directories located on remote computers and treat those files and directories as if they were local.
LPR/LPD is the primary UNIX printing protocol used to submit jobs to the printer. The LPR
component initiates commands such as "print waiting jobs," "receive job," and "send queue state,"
and the LPD component in the print server responds to them.
Security
With most Unix operating systems, the network services can be individually controlled to increase
security.
Netware
Client Support
NetWare 5 comes with Novell Client software for three client platforms: DOS and Windows 3.1x,
Windows 95/98, and Windows NT.
Interoperability
You can set the Novell Clients for Windows 95/98 and Windows NT to work with one of three
network protocol options: IP only, IP and IPX, or IPX only.
Authentication
Centralized login authentication
File and Print Services
File Services NetWare offers two choices of mutually compatible file services: Novell Storage
Services (NSS) and the traditional NetWare File System. Both kinds of file services let you store,
organize, manage, access, and retrieve data on the network.
NSS gathers all unpartitioned free space that exists on all the hard drives connected to your server,
together with any unused space in NetWare volumes, and places it into a storage pool. You create
NSS volumes from this storage pool during server installation or later through NWCONFIG.
Novell Distributed Print Services (NDPS) is the default and preferred print system in NetWare.
NDPS supports IP-based as well as IPX-based printing.
Security
Novell has support for a public key infrastructure built into NetWare 5 using a public certificate,
developed by RSA Security.
Windows 2000
Client Support
Windows 3.x, Windows 95, Windows 98, and Windows NT Workstation 4.0.
Interoperability
Windows 2000 Server supports UNIX, Novell NetWare, Windows NT Server 4.0, and Macintosh.
Authentication
Successful user authentication in a Windows 2000 computing environment consists of two separate
processes: interactive logon, which confirms the user's identification to either a domain account or
a local computer, and network authentication, which confirms the user's identification to any
network service that the user attempts to access.
Types of authentication that Windows 2000 supports are:
• Kerberos V5 is used with either a password or a smart card for interactive logon. It is also
the default method of network authentication for services. The Kerberos V5 protocol verifies
both the identity of the user and of network services.
• Secure Sockets Layer/Transport Layer Security (SSL/TLS) authentication is used when a
user attempts to access a secure Web server.
Mac OS X Server
Client Support
TCP/IP file sharing with Macintosh clients using Apple File Protocol (AFP) 3.0, Network File System
(NFS), and File Transfer Protocol (FTP).
Interoperability
Mac OS X Server uses the Open Source SAMBA to provide Windows users with Server Message
Block (SMB) file sharing. Network File System (NFS) lets you make folders available to UNIX and
Linux users.
Authentication
Kerberos support for centralized login authentication.
File and Print Services
Mac OS X Server provides support for native Macintosh, Windows, UNIX, and Linux file sharing.
Protocols supported include:
• Apple file services (AFP 3.0) from any AppleShare client over TCP/IP
• Windows (SMB/CIFS) file sharing using Samba
• Network File System (NFS) for UNIX and Linux file access
• Internet (FTP)
Built-in print services can spool files to any PostScript-capable printer over TCP/IP, AppleTalk, or
USB. Macintosh customers can use the LPR support in Print Center or the Desktop Printer utility to
connect to a shared printer. Windows users can use their native SMB/CIFS protocol to connect to a
shared printer. Print services for OS X Server:
• Macintosh and UNIX (LPR/LPD)
• Windows (SMB/CIFS)
Application Support
• Apache web server
• WebObjects 5 Deployment
• WebDAV
• MySQL
• JavaServer Pages
• Mac CGI
• Perl
• Caching web proxy
• QuickTime Streaming Server
• Mail (SMTP, POP, IMAP)
• SSL
• PHP
• Java Servlets
Security
3.2 Describe the basic capabilities, (i.e., client connectivity, local security mechanisms,
and authentication) of the following client operating systems:
A Virtual LAN is a group of devices on one or more LANs that are configured using management
software so that they can communicate as if they were attached to the same LAN segment, when
in fact they are located on a number of different segments. Because VLANs are based on logical
instead of physical connections, they are more flexible.
For a computer to communicate with devices on different LAN segments other than the segment it
is located on, requires the use of a router. And as networks expand, more routers are needed to
separate users into broadcast and collision domains, and provide connectivity to other LANs. Since
routers add latency, this can result in the delay of data transfer over the network.
Switches are used in VLANs to create the same division of the network into separate broadcast
domains, but without the latency problems of a router.
Advantages to using VLANs:
Switched networks increase performance, by reducing the size of collision domains. Users can be
grouped into logical networks which will increase performance by limiting broadcast traffic to users
performing similar functions or within individual workgroups. Less traffic needs to be routed,
causing the latency added by routers to be reduced.
VLANs provide an easier way to modify logical groups in changing environments. VLANs make large
networks more manageable by allowing centralized configuration of devices located in physically
different locations.
Software configurations can be made across machines with the consolidation of a department’s
resources into a single subnet. IP addresses, subnet masks, and local network protocols will be
more consistent across the entire VLAN.
VLANs provide independence from the physical topology of the network by allowing physically
diverse workgroups to be logically connected within a single broadcast domain.
A switched network delivers unicast frames only to the port of the intended recipient, and
broadcast frames only to other members of the same VLAN. This allows the network administrator
to segment users requiring access to sensitive information into separate VLANs from the rest of the
general user community regardless of physical location, thus enhancing security. Traffic between
VLANs must still pass through a router (or Layer 3 switch), which is where access between the
groups is controlled.
RAID
Redundant Array of Inexpensive (or Independent) Disks. A RAID array is a collection of drives
which collectively act as a single storage system, which can tolerate the failure of a drive without
losing data, and which can operate independently of each other.
Level 0 referred to as striping, is not redundant. Data is split across drives, resulting in higher data
throughput. Since no redundant information is stored, performance is very good, but the failure of
any disk in the array results in all data loss.
Level 1, referred to as mirroring, uses 2 hard drives. It provides redundancy by duplicating all data
from one drive on the other drive. Read performance can be better than a single drive, and if
either drive fails no data is lost. This is a good entry-level redundant system, since only two drives
are required.
Level 2, which uses Hamming error correction codes, is intended for use with drives which do not
have built-in error detection. All SCSI drives support built-in error detection, so this level is not
needed if using SCSI drives.
Level 3 stripes data at a byte level across several drives, with parity stored on one drive. It is
otherwise similar to level 4. Byte-level striping requires hardware support for efficient use.
Level 4 stripes data at a block level across several drives, with parity stored on one drive. The
parity information allows recovery from the failure of any single drive. Performance is very good for
reads. Writes, however, require that parity data be updated each time. This slows small random
writes, in particular, though large writes or sequential writes are fairly fast.
Level 5 is striping with distributed parity. Similar to level 4, but the parity is distributed among the
drives; no single disk is devoted to parity, so the parity disk is no longer a bottleneck for
concurrent writes. Read performance is comparable to level 4 (parity blocks are simply skipped on
reads), while every small write still costs a read-modify-write of the data block and its parity
block. A second drive failure before the first has been rebuilt loses the whole array.
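How the parity used by levels 3, 4 and 5 lets an array survive one failed drive, and why a small write pays a read-modify-write penalty, as an added worked example that is not part of these notes. The payload, block size and drive count are chosen for the demonstration; the layout is RAID 4 (dedicated parity drive), which RAID 5 changes only by rotating the parity block across the drives.

```python
"""XOR parity as used by RAID levels 3, 4 and 5, with single-drive recovery.

Added example, not from the study notes: stripes a payload across N-1 data
drives, stores XOR parity on the last drive, simulates the loss of any one
drive and rebuilds it, and counts the I/Os of a one-block write.
"""

from typing import List, Optional

BLOCK = 4  # block size in bytes; kept tiny so stripes are easy to inspect


def xor_blocks(blocks: List[bytes]) -> bytes:
    """Bytewise XOR of equal-length blocks: the parity of a stripe."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        if len(blk) != len(out):
            raise ValueError("all blocks in a stripe must have the same length")
        for i, b in enumerate(blk):
            out[i] ^= b
    return bytes(out)


def build_raid4(payload: bytes, data_drives: int) -> List[List[bytes]]:
    """Return drives[d][stripe]; the last drive holds parity (RAID 4 layout)."""
    stripe_bytes = BLOCK * data_drives
    padded = payload + b"\0" * (-len(payload) % stripe_bytes)
    drives: List[List[bytes]] = [[] for _ in range(data_drives + 1)]
    for s in range(0, len(padded), stripe_bytes):
        stripe = [padded[s + d * BLOCK : s + (d + 1) * BLOCK] for d in range(data_drives)]
        for d, blk in enumerate(stripe):
            drives[d].append(blk)
        drives[data_drives].append(xor_blocks(stripe))
    return drives


def rebuild_drive(drives: List[Optional[List[bytes]]], failed: int) -> List[bytes]:
    """Reconstruct a failed drive as the XOR of all survivors, stripe by stripe.

    Works for the parity drive too, since parity is just another XOR member.
    Two missing drives cannot be recovered with a single parity block.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one drive lost; single parity cannot recover")
    stripes = len(survivors[0])
    return [xor_blocks([d[s] for d in survivors]) for s in range(stripes)]


def small_write(drives: List[List[bytes]], drive: int, stripe: int, new_block: bytes) -> int:
    """Update one block while keeping parity consistent; returns disk I/Os used.

    Read old data and old parity, write new data and new parity: four I/Os
    for a one-block write, the penalty the text describes for levels 4 and 5.
    """
    parity_drive = len(drives) - 1
    old_block = drives[drive][stripe]          # read 1
    old_parity = drives[parity_drive][stripe]  # read 2
    new_parity = xor_blocks([old_parity, old_block, new_block])
    drives[drive][stripe] = new_block          # write 1
    drives[parity_drive][stripe] = new_parity  # write 2
    return 4


def read_payload(drives: List[List[bytes]], data_drives: int) -> bytes:
    """Reassemble the data blocks in stripe order (parity drive skipped)."""
    return b"".join(drives[d][s] for s in range(len(drives[0])) for d in range(data_drives))


if __name__ == "__main__":
    data = b"constructed sample payload for the RAID demo"  # constructed input
    array = build_raid4(data, data_drives=3)
    lost = 1
    saved = array[lost]
    array[lost] = None  # simulate the drive failing
    array[lost] = rebuild_drive(array, lost)
    print("rebuilt drive matches original:", array[lost] == saved)
    print("small write cost (I/Os):", small_write(array, drive=0, stripe=0, new_block=b"NEW!"))
    print("parity still valid:", xor_blocks([array[d][0] for d in range(4)]) == b"\0" * BLOCK)
```

Recovery is possible because XOR is its own inverse: parity = d0 ^ d1 ^ d2, so any one of the four blocks is the XOR of the other three. The same property is what makes the parity update cheap on a small write (old parity ^ old data ^ new data) without re-reading the whole stripe.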
Fault tolerance is the ability of a system to continue functioning when part of the system fails.
Normally, fault tolerance is used in describing disk subsystems, but it can also apply to other parts
of the system or the entire system. Fully fault-tolerant systems use redundant disk controllers and
power supplies as well as fault-tolerant disk subsystems. You can also use an uninterruptible power
supply (UPS) to safeguard against local power failure.
Although the data is always available in a fault-tolerant system, you still need to make backups
that are stored offsite to protect the data against disasters such as a fire.
IP
Determine whether the remote access server will use DHCP or a static IP address pool to obtain
addresses for dial-up clients. If you use a static IP address pool, determine whether the pool will be
ranges of addresses that are a subset of addresses from the IP network to which the server is
attached or a separate subnet. If the static IP address pool address ranges represent a different
subnet, ensure that routes to the address ranges exist in the routers of your intranet so that traffic
to connected remote access clients is forwarded to the remote access server.
IPX
Internetwork Packet Exchange (IPX) is the traditional Novell communications protocol that sends
data packets to requested destinations (such as workstations or servers).
An IPX network address is a hexadecimal number, one to eight digits (1 to FFFFFFFE), that
identifies a specific network cable segment. IPX network segments can process more than one
frame type. Each frame type that is used on the network is treated as a logical network segment
and requires its own IPX address—even though each frame type is using the same network board
and physical cable segment.
PPP
• Framing rules are established between the remote computer and server. This allows
continued communication (frame transfer) to occur.
• The remote access server then authenticates the remote user by using the PPP
authentication protocols (MS-CHAP, EAP, CHAP, SPAP, PAP). The protocols that are invoked
depend on the security configurations of the remote client and server.
• Once authenticated, if callback is enabled, the remote access server hangs up and calls the
remote access client.
• The Network Control Protocols (NCPs) enable and configure the remote client for the desired
LAN protocols.
PPTP Point-to-Point Tunneling Protocol is networking technology that supports multiprotocol virtual
private networks (VPNs), enabling remote users to access corporate networks securely across the
Internet. Unlike the Point-to-Point Protocol (PPP), which is designed to support a dial-up network
connection to the Internet, PPTP does not rely upon a dial-up connection. It can be used to provide
secure, tunneled end-to-end Internet connections through other remote access technologies, such
as Internet access provided through DSL.
Authentication
Microsoft dial-up networking clients typically use MS-CHAP authentication. Non-Microsoft dial-up
networking clients use CHAP, SPAP, and PAP authentication.
CHAP Challenge Handshake Authentication Protocol is a challenge-response authentication protocol
that uses the industry-standard Message Digest 5 (MD5) hash to compute the response, so the
password itself never crosses the link. CHAP is used by various vendors of network access servers
and clients.
MS-CHAP Microsoft Challenge Handshake Authentication Protocol. MS-CHAP is a nonreversible,
encrypted password authentication protocol. The challenge handshake process works as follows:
• The remote access server or the IAS server sends a challenge to the remote access client
that consists of a session identifier and an arbitrary challenge string.
• The remote access client sends a response that contains the user name and a nonreversible
encryption of the challenge string, the session identifier, and the password.
• The authenticator checks the response and, if valid, the user's credentials are authenticated.
PAP Password Authentication Protocol sends the user name and password in plaintext and is the
least secure authentication protocol: anyone who can see the link can read the credentials. It is
typically negotiated only if the remote access client and remote access server cannot agree on a
more secure form of validation, and should be disabled on the server where it is not needed.
SPAP Shiva Password Authentication Protocol is a reversible encryption mechanism employed by
Shiva. This form of authentication is more secure than plaintext but less secure than CHAP or
MS-CHAP.
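The CHAP exchange described above, worked through in code as an added example that is not part of the original notes. It follows RFC 1994, which defines the response as MD5 over the one-byte identifier, the shared secret and the challenge, in that order; the user names, secrets and word list are constructed for the demonstration. The last function shows what someone who captures a challenge/response pair can do offline, which is why CHAP is only as strong as the secret it protects and why the authenticator must store that secret in recoverable form.

```python
"""CHAP (RFC 1994) challenge/response, both sides, plus the offline guess attack.

Added example, not from the study notes. Credentials and the word list are
constructed for the demo.
"""

import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Iterable, Optional


@dataclass(frozen=True)
class Challenge:
    identifier: int   # one-byte ID that ties a response to this challenge
    value: bytes      # random challenge string chosen by the authenticator


@dataclass(frozen=True)
class Response:
    identifier: int
    value: bytes      # 16-byte MD5 digest
    name: str         # peer's user name, sent in the clear


def chap_digest(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 section 4.1: MD5 over Identifier, secret and Challenge."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


def server_challenge(identifier: int) -> Challenge:
    """Authenticator step: emit a fresh, unpredictable challenge."""
    return Challenge(identifier, os.urandom(16))


def client_respond(chal: Challenge, name: str, secret: bytes) -> Response:
    """Peer step: prove knowledge of the secret without putting it on the wire."""
    return Response(chal.identifier, chap_digest(chal.identifier, secret, chal.value), name)


def server_verify(chal: Challenge, resp: Response, secrets: Dict[str, bytes]) -> bool:
    """Authenticator step: recompute with the stored secret and compare in constant time.

    The server has to hold the secret itself (not a one-way hash of it),
    which is the main operational cost of CHAP.
    """
    if resp.identifier != chal.identifier or resp.name not in secrets:
        return False
    expected = chap_digest(chal.identifier, secrets[resp.name], chal.value)
    return hmac.compare_digest(expected, resp.value)


def dictionary_attack(chal: Challenge, resp: Response, wordlist: Iterable[str]) -> Optional[str]:
    """Offline guessing against a sniffed pair: one MD5 per guess, no rate limit."""
    for word in wordlist:
        if chap_digest(chal.identifier, word.encode(), chal.value) == resp.value:
            return word
    return None


if __name__ == "__main__":
    secrets = {"mary": b"Tr0ub4dor&3", "bob": b"password"}   # constructed store
    chal = server_challenge(identifier=7)
    resp = client_respond(chal, "mary", secrets["mary"])
    print("mary authenticated:", server_verify(chal, resp, secrets))
    # Replaying mary's response against a later challenge fails: the digest
    # covers both the identifier and the challenge value.
    print("replay accepted:", server_verify(server_challenge(8), resp, secrets))
    # bob's weak secret falls to a short word list run over the captured pair.
    captured = client_respond(chal, "bob", secrets["bob"])
    print("recovered bob's secret:", dictionary_attack(chal, captured, ["letmein", "password", "qwerty"]))
```

The replay check is the point of the identifier and the random challenge: a response is only valid for the one challenge it answers. The dictionary function is the flip side, and it applies equally to MS-CHAP, which is why the notes' advice to prefer these protocols over PAP only holds together with strong secrets.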
Firewall
A firewall is used to prevent unauthorized access to or from a network. They are frequently used to
prevent unauthorized users from accessing private networks connected to the Internet, especially
intranets. All messages entering or leaving the intranet pass through the firewall, which examines
each message and blocks those that do not meet the specified security criteria.
Firewall techniques:
• Packet filter looks at each packet entering or leaving the network and accepts or rejects it
based on user-defined rules.
• Application gateway applies security mechanisms to specific applications, such as FTP and
Telnet servers.
• Circuit-level gateway applies security mechanisms when a TCP or UDP connection is
established. Once the connection has been made, packets can flow between the hosts
without further checking.
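The packet-filter technique above, as an added example that is not from the original notes: a user-defined rule list evaluated top-down for packets arriving on the Internet-facing interface, where the first matching rule decides and anything unmatched is dropped. The policy, the protected prefix 192.168.0.0/24, the server address 192.168.0.10 and the sample packets are all constructed for the demonstration.

```python
"""First-match packet filter with default deny.

Added example, not from the study notes. The policy, the protected prefix and
the sample packets are constructed; the rules are meant for traffic arriving
on the Internet-facing interface.
"""

from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str                   # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: Optional[int] = None  # destination port; None for protocols without one


@dataclass(frozen=True)
class Rule:
    action: str                               # "accept" or "reject"
    proto: str = "any"
    src: str = "0.0.0.0/0"                    # CIDR prefix the source must fall in
    dst: str = "0.0.0.0/0"
    dports: Optional[Tuple[int, int]] = None  # inclusive port range; None = any
    comment: str = ""

    def matches(self, pkt: Packet) -> bool:
        """Every field of the rule is a condition; all of them must hold."""
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if ip_address(pkt.src) not in ip_network(self.src, strict=False):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst, strict=False):
            return False
        if self.dports is not None:
            lo, hi = self.dports
            if pkt.dport is None or not lo <= pkt.dport <= hi:
                return False
        return True


def filter_packet(rules: List[Rule], pkt: Packet) -> Tuple[str, str]:
    """Walk the rule list top-down; the first match decides.

    Anything that matches no rule is rejected, so a forgotten rule fails
    closed rather than open.
    """
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.comment or "matched rule"
    return "reject", "no rule matched (default deny)"


INSIDE = "192.168.0.0/24"   # constructed: the private network behind the firewall

# Constructed inbound policy. Order matters: the anti-spoofing rule must come
# before any accept rule, or a packet forging an inside source address slips
# through on the web-server rule.
POLICY = [
    Rule("reject", src=INSIDE, comment="anti-spoof: inside prefix arriving from outside"),
    Rule("accept", proto="tcp", dst="192.168.0.10/32", dports=(80, 80), comment="public web server"),
    Rule("accept", proto="tcp", dst="192.168.0.10/32", dports=(443, 443), comment="public web server TLS"),
    Rule("reject", proto="tcp", dports=(23, 23), comment="no telnet from anywhere"),
]


if __name__ == "__main__":
    samples = [
        Packet("tcp", "203.0.113.5", "192.168.0.10", 80),   # accept
        Packet("tcp", "203.0.113.5", "192.168.0.10", 23),   # reject: telnet
        Packet("tcp", "192.168.0.7", "192.168.0.10", 80),   # reject: spoofed source
        Packet("udp", "203.0.113.5", "192.168.0.10", 53),   # reject: default deny
    ]
    for p in samples:
        print(p, "->", filter_packet(POLICY, p))
    spoofed = samples[2]
    print("same spoofed packet with the rules reversed:", filter_packet(list(reversed(POLICY)), spoofed))
```

A stateless filter like this judges each packet on its own; it cannot tell a reply to an inside connection from an unsolicited packet, which is the gap that circuit-level gateways and stateful firewalls close.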
Proxy
A server that sits between a client application, such as a web browser, and a real server. When a
client program makes a request, the proxy server responds by translating the request and passing
it on to the Internet. When a computer on the Internet responds, the proxy server passes that
response back to the client program on the computer that made the request. The proxy server
computer has two network interfaces, one connected to the LAN and one connected to the
Internet, so internal hosts never talk to the Internet directly.
The primary security features of Proxy Server are:
Encryption
Windows 2000
The Encrypting File System (EFS) provides the core file encryption technology used to store
encrypted files on NTFS file system volumes. Once you encrypt a file or folder, you work with the
encrypted file or folder just as you do with any other files and folders. Encryption is transparent to
the user that encrypted the file. This means that you do not have to decrypt the encrypted file
before you can use it. You can open and change the file as you normally do. However, an intruder
who tries to access your encrypted files or folders will be prevented from doing so. An intruder
receives an access denied message if the intruder tries to open, copy, move, or rename your
encrypted file or folder.
You encrypt or decrypt a folder or file by setting the encryption property for folders and files just as
you set any other attribute such as read-only, compressed, or hidden. If you encrypt a folder, all
files and subfolders created in the encrypted folder are automatically encrypted. It is recommended
that you encrypt at the folder level.
You can also encrypt or decrypt a file or folder using the command-line function cipher. For more
information about the cipher command, type cipher /? at a command prompt.
Main points about EFS
Only files and folders on NTFS volumes can be encrypted.
You cannot encrypt files or folders that are compressed. First you must uncompress the file or
folder, then you can encrypt it. On a compressed volume, uncompress folders you want to encrypt.
You cannot share encrypted files.
Encrypted files can become decrypted if you copy or move the file to a volume that is not an NTFS
volume.
Use cutting and pasting to move files into an encrypted folder. If you use a drag-and-drop
operation to move the files, they will not automatically be encrypted in the new folder.
System files cannot be encrypted.
Encrypting a folder or file does not protect against deletion. Anyone with delete permission can
delete encrypted folders or files.
3.9 Given a network installation scenario, select the appropriate NIC and configuration
settings.
full/half duplex
Half duplex refers to the transmission of data in just one direction at a time. Full duplex refers to
the transmission of data in two directions simultaneously. Most NICs contain a setting that lets you
select between half-duplex and full-duplex modes.
Speeds
Make sure the NIC is the right speed for the network, if it is 100Base-TX then use a NIC capable of
100 Mbps.
Network Support
4.1 Given a troubleshooting scenario, select the appropriate TCP/IP utility from among
the following:
tracert
Tracert runs at a command prompt and traces the path from your host to a host name or IP
address. It sends ICMP echo request packets with increasing time-to-live (TTL) values; each router
that discards an expired packet returns an ICMP Time Exceeded message, which identifies that hop.
The output shows how many hops the packets travel and the round-trip time to each hop.
Syntax for tracert :
ping
A command that sends an ICMP echo request to a host name or IP address, on the Internet or
within an intranet, and reports whether an echo reply came back. This verifies that TCP/IP is
configured correctly and that the remote host is reachable (hosts or firewalls that drop ICMP will
not answer even when the path is fine).
The basic ping command syntax is "ping hostname".
Ping 127.0.0.1: this is the loopback address, and a reply verifies that the TCP/IP stack on the
computer you are pinging from is installed and working. It does not exercise the Ethernet adapter
or the cable.
arp
Address Resolution Protocol, a TCP/IP protocol used to convert an IP address into a physical
(data link, or DLC) address such as an Ethernet address. A host wishing to obtain a physical
address broadcasts an ARP request onto the local network. The host that has the IP address in the
request replies with its physical hardware address, and the requester caches the answer.
There is also Reverse ARP (RARP), which a host can use to discover its own IP address. In this case
the host broadcasts its physical address and a RARP server replies with the host's IP address.
ARP has no authentication: any host on the segment can answer a request, or send unsolicited
replies, and so poison the caches of its neighbours. Static entries (arp -s) are one way to pin the
mapping for critical hosts such as the default gateway.
ARP syntax:
• arp -a or arp -g: both display the contents of the current ARP cache.
• arp -s IP-address hardware-address: adds a static entry to the ARP cache.
• arp -d IP-address: removes an entry from the ARP cache.
netstat
Display protocol information and connection status and provides useful information regarding traffic
flow.
Syntax:
nbtstat
ipconfig
winipcfg
This utility allows users or administrators to see the current IP address and other useful
information about the network configuration.
You can reset one or more IP addresses. The Release or Renew buttons allow you to release or
renew one IP address. If you want to release or renew all IP addresses click Release All or Renew
All.
When one of these buttons is clicked, a new IP address is obtained from either the DHCP service or
from the computer assigning itself an automatic private IP address.
To use the winipcfg utility
1. Click Start, and then click Run and type winipcfg
2. Click More Info.
3. To see the addresses of the DNS servers the computer is configured to use, click the ellipsis
(...) button to the right of DNS Servers.
4. To see address information for your network adapter(s), select an adapter from the list in
Ethernet Adapter Information.
nslookup
Nslookup (name server lookup) is a command, available on UNIX and Windows, for querying
Internet domain name servers. For example, if you did an nslookup on studynotes.net these are
some of the results you could obtain.
Columns of the result table: Query, Hostname, Real Hostname, IP Address.
• Nameserver: These are the servers that the internet uses to find out more about the
domain. Usually they are an ISP's computer.
• Mailserver: Where email is sent to.
• Webserver: The domains website.
• FTPserver: FTP is file transfer protocol, this server is where files may be stored.
• Hostname: The name of the host as given by the domain.
• Real Hostname: This is hostname that you get by reverse resolving the IP address, may
be different to the given hostname.
• IP Address: Unique four numbered identifier that is obtained by resolving the hostname.
Example:
Mary works in a small office where there are 4 computers in a peer-to-peer configuration running
Windows 98 SE. She would like to access the Internet through the modem that is attached to
Bob's computer.
How would you set this up so Mary and the other users in her office could connect to the Internet
through Bob's modem?
Solution: Install Internet Connection Sharing.
Problem: Internet Connection Sharing is installed but Mary still cannot connect through Bob's
modem.
1. Under LAN and Internet sharing settings, is Internet Connection Sharing enabled?
2. The Internet Connection Sharing wizard sets the IP address of the Connection Sharing
computer (Bob's) to 192.168.0.1. Are the other computers on the network set to obtain an
address automatically, or statically to an address in the range 192.168.0.2 to 192.168.0.253
with a 255.255.255.0 mask and 192.168.0.1 as the default gateway?
3. Is TCP/IP installed properly on all computers?
As you can see, this is just one of many possible scenarios, which is why we need your help.
4.3 Given a troubleshooting scenario involving a remote connectivity problem (e.g., authentication
failure, protocol configuration, physical connectivity) identify the cause of the problem.
4.4 Given a security scenario, identify the requirements for an acceptable password.
4.5 Given a network installation scenario, configure the appropriate computer/host name and user
name.
Answer: c,e
The best way to connect Windows clients to Linux (or other UNIX-like systems) is Samba. Samba
lets Linux speak SMB/CIFS, on which Windows file sharing is built. (This is not the official position
of Microsoft, but more on that later.) With Samba installed and properly configured on the server,
the Windows clients will be able to connect to the server, provided TCP/IP is properly configured
on them.
Whereas NFS would do the job, it would require third-party software on the Windows 98 clients
and would not be transparent to the end users. SFU (Services for UNIX) runs only on Windows
NT/2000, not Windows 98. Note that (big surprise here) Microsoft highly recommends that NFS and
SFU be used for Windows 2000 networks. WINE runs Windows applications on Linux and would not
help with network connectivity.
4.7 Given a network installation task, select the appropriate networking tool to apply
(e.g., wire crimper, media tester/certifier, punch down tool, tone generator,
optical tester, etc.).
• a.optical tester
• b.protocol analyzer
• c.multimeter
• d.Tone generator
Answer: d. The tone generator is connected at the jack and the probe is used to find the other
end.
An optical tester would help to test fiber optics but not Cat 5 cable. While a multimeter could in
theory be used, in most cases it is impractical at best and usually impossible. A protocol analyzer
would be useless in this case: there is no traffic to analyze.
4.8 Given network maintenance scenario determine whether the visual indicators are
indicating a problem with the network.
4.9 Given a network maintenance scenario, including output from a diagnostic utility
(e.g. tracert, ping, ipconfig, etc), identify the utility and interpret the output.
• a.ip address
• b.no DNS server is assigned
• c.subnet mask is wrong
• d.wrong default gateway
Answer: c. The default Class C mask is 255.255.255.0. With the wrong mask, the new machine
thinks that the 192.168.1.0 network is on its own subnet, so it never sends that traffic to the
default gateway.
There is no evidence to suggest that the problem is the IP address. If there were an address
conflict you would see a 0.0.0.0 IP address.
The symptoms could indicate a bad default gateway, but in this case the default gateway address
is on the correct subnet. Usually the router is assigned the first usable address on the subnet, and
that is what we had.
DNS server information is not displayed by ipconfig by itself. You would need to use ipconfig /all to
see that.
4.10 Given a network maintenance scenario, predict the effects of modifying, adding, or
removing network components on network resources and users.
4.11 Given a network problem scenario, select an appropriate course of action based on
a general troubleshooting strategy. This strategy includes the following steps 1)
establish symptoms 2) identify the affected area 3) establish what has changed
4) select the most probable cause 5) implement a solution 6) test the result 7)
recognize the potential effects of the solution 8) document the solution
Example:
Your network uses a star topology with 48 users and 3 hubs, one per department. Each hub
handles 16 users. Three users in one of the departments cannot access the network server. What
should you check first?
a) Network connections on the three users' computers
b) Review logon procedures with the users
c) The routing table in the router
d) The departmental hub
Solution: The departmental hub
Explanation: A star configuration consists of a network hub with several ports. Network cables
spread out from it and connect to each computer. A basic star has only one computer on each
network cable extending from the hub. When one hub goes down, each user connected to that hub
loses network access. When several users connected through the same hub report problems, check
the hub before checking individual computers.
The routing table or logon procedures are unlikely to affect only three users. Network connections
on three users' computers would be unlikely to fail at the same time.
Thanks to Kristen for the above example.
4.12 Given a troubleshooting scenario involving a network with a particular physical topology (i.e.,
bus, star/hierarchical, mesh, ring, wireless) and including a network diagram, identify the
network area affected and the cause of the problem.
4.13 Given a network troubleshooting scenario involving a client connectivity problem, identify the
problem:
incorrect protocol
client software
authentication configuration
insufficient rights/permissions
bad media
interference
network hardware
Introduction
• What is an IP Address?
• What are Classes?
• What is a Network Address?
• What are Subnet Masks and Subnet Addresses?
• How are Subnet Masks defined and used?
• How can all this be applied?
• What is CIDR?
• How can I get more information?
IP Addressing
An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP network.
An IP address is a 32 bit binary number usually represented as 4 decimal values, each representing 8
bits, in the range 0 to 255 (known as octets) separated by decimal points. This is known as "dotted
decimal" notation.
Example: 140.179.220.200
Every IP address consists of two parts, one identifying the network and one
identifying the node. The Class of the address and the subnet mask determine
which part belongs to the network address and which part belongs to the node
address.
Address Classes
There are 5 different address classes. You can determine which class any IP address is in by examining
the first 4 bits of the IP address.
Addresses beginning with 01111111, or 127 decimal, are reserved for loopback
and for internal testing on a local machine. [You can test this: you should always
be able to ping 127.0.0.1, which points to yourself] Class D addresses are
reserved for multicasting. Class E addresses are reserved for future use. They
should not be used for host addresses.
Now we can see how the Class determines, by default, which part of the IP address
belongs to the network (N) and which part belongs to the node (n).
• Class A -- NNNNNNNN.nnnnnnnn.nnnnnnnn.nnnnnnnn
• Class B -- NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
• Class C -- NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn
In order to specify the network address for a given IP address, the node section is
set to all "0"s. In our example, 140.179.0.0 specifies the network address for
140.179.220.200. When the node section is set to all "1"s, it specifies a broadcast
that is sent to all hosts on the network. 140.179.255.255 specifies the example
broadcast address. Note that this is true regardless of the length of the node
section.
Private Subnets
There are three IP network addresses reserved for private networks. The addresses are 10.0.0.0/8,
172.16.0.0/12, and 192.168.0.0/16. They can be used by anyone setting up internal IP networks, such as
a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.
Subnetting
Subnetting an IP Network can be done for a variety of reasons, including organization, use of different
physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space, and security. The
most common reason is to control network traffic. In an Ethernet network, all nodes on a segment see all
the packets transmitted by all the other nodes on that segment. Performance can be adversely affected
under heavy traffic loads, due to collisions and the resulting retransmissions. A router is used to connect
IP networks to minimize the amount of traffic each segment must receive.
Subnet Masking
Applying a subnet mask to an IP address allows you to identify the network and
node parts of the address. The network bits are represented by the 1s in the mask,
and the node bits are represented by the 0s. Performing a bitwise logical AND
operation between the IP address and the subnet mask results in the Network
Address or Number.
For example, using our test IP address and the default Class B subnet mask, we
get:
To calculate the number of subnets or nodes, use the formula (2^n - 2) where n =
number of bits in either field, and 2^n represents 2 raised to the nth power.
Multiplying the number of subnets by the number of nodes available per subnet
gives you the total number of nodes available for your class and subnet mask.
Also, note that although subnet masks with non-contiguous mask bits are allowed,
they are not recommended.
Example:
In this example a 3 bit subnet mask was used. There are 6 (2^3 - 2) subnets
available with this size mask (remember that subnets with all 0's and all 1's are not
allowed). Each subnet has 8190 (2^13 - 2) nodes. Each subnet can have nodes
assigned to any address between the Subnet address and the Broadcast address.
This gives a total of 49,140 nodes for the entire class B address subnetted this
way. Notice that this is less than the 65,534 nodes an unsubnetted class B address
would have.
You can calculate the Subnet Address by performing a bitwise logical AND
operation between the IP address and the subnet mask, then setting all the host
bits to 0s. Similarly, you can calculate the Broadcast Address for a subnet by
performing the same logical AND between the IP address and the subnet mask,
then setting all the host bits to 1s. That is how these numbers are derived in the
example above.
Subnetting always reduces the number of possible nodes for a given network.
There are complete subnet tables available here for Class A, Class B and Class C.
These tables list all the possible subnet masks for each class, along with
calculations of the number of networks, nodes and total hosts for each subnet.
An Example
Here is another, more detailed, example. Say you are assigned a Class C network number of
200.133.175.0 (apologies to anyone who may actually own this domain address). You want to utilize
this network across multiple small groups within an organization. You can do this by subnetting that
network with a subnet address.
We will break this network into 14 subnets of 14 nodes each. This will limit us to 196 nodes on the
network instead of the 254 we would have without subnetting, but gives us the advantages of traffic
isolation and security. To accomplish this, we need to use a subnet mask 4 bits long.
Recall that the default Class C subnet mask is
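The arithmetic described above (class from the leading bits, bitwise AND with the mask, host bits cleared for the subnet address and set for the broadcast address, and the (2^n - 2) counts), worked through in code. This is an added example, not code from the original guide; it uses the guide's own sample addresses 140.179.220.200 and 200.133.175.0, and it also rejects non-contiguous masks, which the text says are allowed but not recommended.

```python
# Added example (not from the original guide): classful address analysis and
# the subnet arithmetic described above, done with the same bitwise AND.
# Sample addresses are the guide's own (140.179.220.200, 200.133.175.0).


def to_int(dotted):
    """Dotted-decimal IPv4 string -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value):
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(ip):
    """Class from the leading bits of the first octet (127.x.x.x is loopback)."""
    first = to_int(ip) >> 24
    if first == 127:
        return "loopback"
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


# Default (classful) mask lengths: N bits per the N/n diagrams above.
DEFAULT_MASK_BITS = {"A": 8, "B": 16, "C": 24}


def mask_length(mask):
    """Number of 1 bits in a mask; non-contiguous masks are rejected."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def subnet_info(ip, mask):
    """Subnet/broadcast addresses and the (2^n - 2) counts for ip under mask."""
    cls = address_class(ip)
    if cls not in DEFAULT_MASK_BITS:
        raise ValueError(f"{ip} is class {cls}, not a host address")
    bits = mask_length(mask)
    subnet_bits = bits - DEFAULT_MASK_BITS[cls]
    if subnet_bits < 0:
        raise ValueError("mask is shorter than the class default")
    host_bits = 32 - bits
    network = to_int(ip) & to_int(mask)          # AND: host bits are now 0
    broadcast = network | (0xFFFFFFFF >> bits)    # same, with host bits set to 1
    # The guide's rule: the all-0s and all-1s subnets are not used.
    subnets = 2 ** subnet_bits - 2 if subnet_bits else 1
    hosts = 2 ** host_bits - 2
    return {
        "class": cls,
        "subnet_bits": subnet_bits,
        "subnet_address": to_dotted(network),
        "broadcast_address": to_dotted(broadcast),
        "subnets": subnets,
        "hosts_per_subnet": hosts,
        "total_hosts": subnets * hosts,
    }


if __name__ == "__main__":
    # The class B example with a 3-bit subnet field (mask 255.255.224.0),
    # then the same address unsubnetted.
    print(subnet_info("140.179.220.200", "255.255.224.0"))
    print(subnet_info("140.179.220.200", "255.255.0.0"))
    # The class C example: 4 subnet bits give 14 subnets of 14 nodes (196).
    print(subnet_info("200.133.175.0", "255.255.255.240"))
```

Running it reproduces the numbers in the text: the 3-bit class B mask yields 6 subnets of 8190 nodes (49,140 in total, against 65,534 unsubnetted), and the 4-bit class C mask yields 14 subnets of 14 nodes. The broadcast address is obtained by OR-ing the host-bit mask onto the subnet address, which is the "set all host bits to 1s" step in prose form.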
Now that you understand "classful" IP Subnetting principles, you can forget them ;). The reason is
CIDR -- Classless InterDomain Routing. CIDR was invented several years ago to keep the internet
from running out of IP addresses. The "classful" system of allocating IP addresses can be very wasteful;
anyone who could reasonably show a need for more than 254 host addresses was given a Class B address
block of 65533 host addresses. Even more wasteful were companies and organizations that were
allocated Class A address blocks, which contain over 16 Million host addresses! Only a tiny percentage
of the allocated Class A and Class B address space has ever been actually assigned to a host computer
on the Internet.
People realized that addresses could be conserved if the class system was
eliminated. By accurately allocating only the amount of address space that was
actually needed, the address space crisis could be avoided for many years. This
was first proposed in 1992 as a scheme called Supernetting. Under supernetting,
the classful subnet masks are extended so that a network address and subnet
mask could, for example, specify multiple Class C subnets with one address. For
example, if I needed about 1000 addresses, I could supernet 4 Class C networks
together:
The use of a CIDR notated address is the same as for a Classful address. Classful
addresses can easily be written in CIDR notation (Class A = /8, Class B = /16, and
Class C = /24).
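The supernetting step described above (four Class C networks combined under one address and mask) and the private address check from the Private Subnets section, as an added example using Python's standard ipaddress module; this is not code from the original guide. The four Class C blocks are constructed around the guide's 200.133.175.0 example, and the block goes a little beyond the text by showing that blocks which are contiguous but not aligned on the supernet boundary do not collapse into a single prefix.

```python
# Added example (not from the original guide): CIDR prefix/mask conversion,
# supernet aggregation, and the private-address test, with the standard
# ipaddress module. Class C blocks are constructed around 200.133.175.0.
import ipaddress

# The three reserved private blocks listed in the Private Subnets section.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def prefix_to_mask(prefix):
    """/n notation -> dotted mask, e.g. /22 -> 255.255.252.0."""
    return str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask)


def mask_to_prefix(mask):
    """Dotted mask -> prefix length, e.g. 255.255.255.0 -> 24 (Class C)."""
    return ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen


def supernet(networks):
    """Collapse contiguous, aligned blocks into the fewest CIDR prefixes."""
    collapsed = ipaddress.collapse_addresses(
        ipaddress.ip_network(n) for n in networks)
    return [str(n) for n in collapsed]


def usable_hosts(cidr):
    """Total addresses minus the network and broadcast addresses."""
    return ipaddress.ip_network(cidr).num_addresses - 2


def is_private(ip):
    """True if ip falls inside one of the three reserved private blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)


if __name__ == "__main__":
    # Four aligned Class C networks become one /22 with 1022 usable hosts,
    # which is the "about 1000 addresses" case in the text.
    aligned = ["200.133.172.0/24", "200.133.173.0/24",
               "200.133.174.0/24", "200.133.175.0/24"]
    print(supernet(aligned), prefix_to_mask(22), usable_hosts("200.133.172.0/22"))
    # Shifting the same four blocks by one breaks the /22 alignment, so they
    # cannot be announced as a single prefix.
    shifted = ["200.133.173.0/24", "200.133.174.0/24",
               "200.133.175.0/24", "200.133.176.0/24"]
    print(supernet(shifted))
    for ip in ("10.1.2.3", "172.31.255.254", "172.32.0.1", "140.179.220.200"):
        print(ip, "private" if is_private(ip) else "public")
```

The alignment check matters when a filter or route is expressed as one prefix: 200.133.173.0 through 200.133.176.0 cannot be summarised as a single /22, so a rule written that way would silently cover the wrong range. The private check uses the same "address in network" test that a border filter applies when it drops packets with private source addresses.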
It is expected that CIDR will keep the Internet happily in IP addresses for the next
few years at least. After that, IPv6, with 128 bit addresses, will be needed. Under
IPv6, even sloppy address allocation would comfortably allow a billion unique IP
addresses for every person on earth! The complete and gory details of CIDR are
documented in RFC1519, which was released in September of 1993.