
Media and Topologies part 1

Recognize the following logical or physical network topologies given a schematic diagram or description:
If computers are connected in a row along a single cable, this is called a bus topology; if they
branch out from a single junction or hub, this is known as a star topology. When computers are
connected to a cable that forms a continuous loop, this is called a ring topology.

Star/hierarchical

Star: hierarchical or cascading star

Computers in a star topology are connected by cables to a hub. In this topology, management of
the network (such as adding and removing devices) is made much easier because of the central
point. However, because it is centralized, more cable is required.
Because most star topologies use twisted-pair cables, the initial installation of star networks is also
easier.
If one computer fails, the network will continue to function, but if a hub fails, all computers
connected to it will also be affected.
Star topologies are, or are becoming, the topology of choice for networks.

Bus

In bus topologies, all computers are connected to a single cable (the "trunk" or "backbone") by a
transceiver, either directly or by using a short drop cable. All ends of the cable must be terminated,
that is, plugged into a device such as a computer or a terminator. Most bus topologies use coax
cables.
The number of computers on a bus network affects network performance: since only one
computer at a time can send data, the more computers you have on the network, the more
computers there will be waiting to send data. A line break at any point along the trunk cable will
result in total network failure.
Computers on a bus only listen for data being sent; they do not move data from one computer to
the next. This is called a passive topology.

Mesh
A mesh topology provides each device with a point-to-point connection to every other device in the
network. These are most commonly used in WANs, which connect networks over
telecommunication links. Mesh topologies use routers to determine the best path.
Mesh networks provide redundancy: in the event of a link failure, meshed networks enable data to
be routed through any other site connected to the network. Because each device has a point-to-
point connection to every other device, mesh topologies are the most expensive and difficult to
maintain.

Ring

In a ring topology, computers are connected by a single loop of cable; the data signals
travel around the loop in one direction, passing through each computer. Ring topology is an active
topology because each computer repeats (boosts) the signal before passing it on to the next
computer.
One method of transmitting data around a ring is called token passing. The token is passed from
computer to computer until it gets to a computer that has data to send.
A line break, or adding or removing a device anywhere in the ring, will bring down the
network. In an effort to provide a solution to this problem, some network implementations (such
as FDDI) support the use of a double ring. If the primary ring breaks, or a device fails, the
secondary ring can be used as a backup.

Wireless

A wireless network consists of wireless NICs and access points. NICs come in different models
including PC Card, ISA, PCI, etc. Access points act as wireless hubs to link multiple wireless NICs
into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless
network to be bridged to a traditional wired Ethernet network, such as the organization’s network
infrastructure. Wireless and wired devices can coexist on the same network.

Specify the main features, including speed, access method, topology, and media of:
802.3 (Ethernet)

Carrier Sense Multiple Access with Collision Detection (CSMA/CD) is the media access control
method of an Ethernet LAN. With CSMA/CD, a computer listens to the network to determine
whether another computer is transmitting a data frame. If no other computer is transmitting, the
computer can then send its data. The computer listening for a data signal is the carrier sense
part. Multiple access means that there are multiple computers trying to access or send data on the
network at the same time. Collision detection indicates that the computers are also listening for
collisions: if two computers try to send data at the same time and a collision occurs, they must
wait a random period of time before transmitting again.
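As an added illustration (not code from the study guide), the following Python model walks the CSMA/CD rules just described through a series of time slots: stations sense the carrier, transmit when the medium is idle, treat simultaneous transmissions as a collision, and retry after a random backoff. The station names, frame labels, and the truncated binary exponential backoff window (the 802.3 backoff scheme) are assumptions of the example.

```python
import random

# Slot-based model of the CSMA/CD access method (added example, not from the
# study guide). In every time slot a station that has a frame queued and no
# backoff pending listens to the medium (carrier sense) and transmits if it is
# idle. If two or more stations transmit in the same slot they all detect the
# collision, abort, and wait a random number of slots drawn from a window that
# doubles after each collision (802.3's truncated binary exponential backoff;
# the window and attempt limits below are the 802.3 values, assumed here).

MAX_BACKOFF_EXPONENT = 10   # backoff window stops growing at 2**10 slots
MAX_ATTEMPTS = 16           # a frame is dropped after 16 collisions


class Station:
    def __init__(self, name, frames):
        self.name = name
        self.queue = list(frames)   # frames waiting to be sent, in order
        self.backoff = 0            # slots still to wait before sensing again
        self.attempts = 0           # collisions suffered by the current frame


def simulate(stations, frame_slots=1, seed=1, max_slots=100000):
    """Run until every queue is empty.

    Returns (log, collisions, dropped): log holds (slot, station, frame) for
    each successful transmission; frame_slots is how long a frame occupies the
    medium; seed makes the random backoff reproducible.
    """
    rng = random.Random(seed)
    log, collisions, dropped, slot = [], 0, 0, 0
    busy_until = 0   # medium is occupied by a successful frame until this slot
    while any(s.queue for s in stations):
        if slot >= max_slots:
            raise RuntimeError("simulation did not converge")
        medium_idle = slot >= busy_until
        ready = []
        for s in stations:
            if not s.queue:
                continue
            if s.backoff > 0:
                s.backoff -= 1          # still waiting out the random backoff
            elif medium_idle:
                ready.append(s)         # carrier sensed idle: transmit now
        if len(ready) == 1:
            s = ready[0]                # a single talker: the frame gets through
            log.append((slot, s.name, s.queue.pop(0)))
            s.attempts = 0
            busy_until = slot + frame_slots
        elif len(ready) > 1:
            collisions += 1             # every talker detects the collision
            for s in ready:
                s.attempts += 1
                if s.attempts > MAX_ATTEMPTS:
                    s.queue.pop(0)      # excessive collisions: frame is dropped
                    s.attempts = 0
                    dropped += 1
                    continue
                k = min(s.attempts, MAX_BACKOFF_EXPONENT)
                s.backoff = rng.randint(0, 2 ** k - 1)
        slot += 1
    return log, collisions, dropped


def no_overlap(log, frame_slots):
    """True if no two successful transmissions share the medium."""
    slots = sorted(entry[0] for entry in log)
    return all(b - a >= frame_slots for a, b in zip(slots, slots[1:]))


if __name__ == "__main__":
    # constructed sample: three stations that all have traffic at slot 0
    stations = [Station("A", ["a1", "a2"]), Station("B", ["b1", "b2"]),
                Station("C", ["c1", "c2"])]
    log, collisions, dropped = simulate(stations, frame_slots=3)
    print(f"{collisions} collisions, {dropped} dropped; transmissions:")
    for slot, name, frame in log:
        print(f"  slot {slot:3d}: {name} sends {frame}")
```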

Ethernet

Designation | Supported Media | Maximum Segment Length | Transfer Speed | Topology
10Base-5 | Coaxial | 500 m | 10 Mbps | Bus
10Base-2 | Thin coaxial (RG-58 A/U) | 185 m | 10 Mbps | Bus
10Base-T | Category 3 or above unshielded twisted-pair (UTP) | 100 m | 10 Mbps | Star, using either simple repeater hubs or Ethernet switches
1Base-5 | Category 3 UTP, or above | 100 m | 1 Mbps | Star, using simple repeater hubs
10Broad-36 | Coaxial (RG-58 A/U CATV type) | 3600 m | 10 Mbps | Bus (often only point-to-point)
10Base-FL | Fiber-optic - two strands of multimode 62.5/125 fiber | 2000 m (full-duplex) | 10 Mbps | Star (often only point-to-point)
100Base-TX | Category 5 UTP | 100 m | 100 Mbps | Star, using either simple repeater hubs or Ethernet switches
100Base-FX | Fiber-optic - two strands of multimode 62.5/125 fiber | 412 m (half-duplex); 2000 m (full-duplex) | 100 Mbps (200 Mb/s in full-duplex mode) | Star (often only point-to-point)
1000Base-SX | Fiber-optic - two strands of multimode 62.5/125 fiber | 260 m | 1 Gbps | Star, using buffered distributor hub (or point-to-point)
1000Base-LX | Fiber-optic - two strands of multimode 62.5/125 fiber or monomode fiber | 440 m (multimode); 5000 m (singlemode) | 1 Gbps | Star, using buffered distributor hub (or point-to-point)
1000Base-CX | Twinax, 150-Ohm balanced, shielded, specialty cable | 25 m | 1 Gbps | Star (or point-to-point)
1000Base-T | Category 5 | 100 m | 1 Gbps | Star

802.5 (token ring)

The IEEE 802.5 Token Ring standards define services for the OSI physical layer and the MAC
sublayer of the data link layer. Token Ring computers are situated on a continuous network loop. A
Token Ring controls access to the network by passing a token from one computer to the next.
Before computers can transmit data they must wait for a free token; thus token passing does not
allow two or more computers to begin transmitting at the same time.
Token Ring
Media | MAC Method | Signal Propagation Method | Speed | Topologies | Maximum Connections
Twisted-pair (various types) | Token passing | Forwarded from device to device (or port to port on a hub) in a closed loop | 4 Mbps, 16 Mbps | Ring; Star, using Token Ring repeater hubs | 255 nodes per segment

802.11b (wireless)

802.11b is a wireless Ethernet technology operating at 11 Mbps. 802.11b devices use Direct Sequence
Spread Spectrum (DSSS) radio technology operating in the 2.4 GHz frequency band.
An 802.11b wireless network consists of wireless NICs and access points. Access points act as
wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least
one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet
network. Wireless and wired devices can coexist on the same network.
802.11b devices can communicate across a maximum range of 50-300 feet from each other.

FDDI networking technologies

Fiber Distributed Data Interface (FDDI) shares many of the same features as Token Ring, such as
token passing and the continuous network loop configuration. But FDDI has better fault tolerance
because of its use of a dual, counter-rotating ring that enables the ring to reconfigure itself in case
of a link failure. FDDI also has higher transfer speeds: 100 Mbps for FDDI, compared to 4 - 16
Mbps for Token Ring.
Unlike Token Ring, which uses a star topology, FDDI uses a physical ring. Each device in the ring
attaches to the adjacent device using a two-stranded fiber optic cable. Data travels in one direction
on the outer strand and in the other direction on the inner strand. When all devices attached to the
dual ring are functioning properly, data travels on only one ring. FDDI transmits data on the
second ring only in the event of a link failure.
Media | MAC Method | Signal Propagation Method | Speed | Topologies | Maximum Connections
Fiber-optic | Token passing | Forwarded from device to device (or port to port on a hub) in a closed loop | 100 Mbps | Double ring; Star | 500 nodes

Specify the characteristics (e.g., speed, length, topology, cable type, etc.) of the
following 802.3 (Ethernet) standards:
Standard | Cable Type | Maximum Length | Speed | Topology
10Base-5 | Coaxial | 500 m | 10 Mbps | Bus
10Base-2 | Thin Coaxial (RG-58 A/U) | 185 m | 10 Mbps | Bus
10Base-T | Category 3 or above unshielded twisted-pair (UTP) | 100 m | 10 Mbps | Star, using either simple repeater hubs or Ethernet switches
100Base-TX | Category 5 UTP | 100 m | 100 Mbps | Star, using either simple repeater hubs or Ethernet switches
100Base-FX | Fiber-optic | 412 m (half-duplex); 2000 m (full-duplex) | 100 Mbps (200 Mb/s in full-duplex mode) | Star (often only point-to-point)
1000Base-LX | Fiber-optic | 440 m (multimode); 5000 m (singlemode) | 1 Gbps | Star, using buffered distributor hub (or point-to-point)
1000Base-T | Category 5 | 100 m | 1 Gbps | Star

Media and Topologies Part 2

Recognize the following media connectors and describe their uses:
RJ-11
Standard telephone cable connectors, usually have 4-6 wires.

RJ-45

RJ-45 connectors are used with 10-100BaseT cables. These resemble telephone RJ-11 connectors,
but are larger and house 8 wires, while RJ-11 connectors house 4 or 6 wires. They are connected
to the cable by crimping.

AUI
A thicknet network connection uses a 15 pin attachment unit interface (AUI)
to connect the 15 pin DB 15 connector on the back of the network adapter card
to an external transceiver (shown left). The transceiver for thicknet Ethernet
includes a vampire tap (shown on top of the transceiver) which pierces the
thicknet cable to make the network connection. From the transceiver to the
network card a drop cable is attached.
BNC

BNC connector for coaxial cables. These are either soldered, or crimped, to the end of the cable.

BNC T connector, which joins the network card to the network cable.

BNC barrel connector, used to connect two cables together. It is better to use one continuous
length of cable, as these connectors weaken the signal strength.

ST / SC

Fiber network segments always require two fiber cables: one for transmitting data, and one for
receiving. Each end of a fiber cable is fitted with a plug that can be inserted into a network
adapter, hub, or switch. In North America, most cables use a square SC connector that slides
and locks into place when inserted into a node or connected to another fiber cable; Europeans use
a round ST connector instead.
Both connectors offer the same features as far as distance and reliability. Connectors of different
types can communicate with the use of adapters or couplers, but it is best to choose one type of
connector and stick with it over your entire network.

Round ST connector, used with fiber optic cabling.
Square SC connector, used with fiber optic cabling.

Twisted-pair

Twisted-pair cabling comes in two basic types: shielded and unshielded. Unshielded twisted-pair
cable (UTP) is the most widely used in medium-size LANs. UTP is easy to work with and
inexpensive. Shielded twisted-pair (STP) cable protects signals from cross signaling that can result
from other, nearby cables. STP offers higher data transmission speeds and larger networks.
Networks that use twisted-pair cabling include Token Ring, Ethernet, and Fast Ethernet networks.
Describe the purpose, features, and functions of the following network components:
Hubs

Stackable hubs; small hub

A hub is a component that provides a common connection point for computers, printers, and other
network devices in a star topology network, allowing them to be managed from a central location.
Hubs also allow you to connect and disconnect an individual computer or device without disrupting
the network. Hubs operate at the physical layer of the OSI Model.
There are two basic types of hubs, passive and active.
Passive hubs simply provide a junction point to send the data signal on to other devices on the
network.
Active hubs regenerate and retransmit the data signal; because they repeat the signal, they can
increase the diameter of the network. In an Ethernet hub the signal is regenerated to all devices at
the same time, while a Token Ring hub will only regenerate the signal to the next device in line.
You can tell if a hub is active because it requires electricity.
Because they act like repeaters, active hubs are sometimes called multiport repeaters.

Switches

Switches are a special type of hub that offers an additional layer of intelligence to basic, physical-
layer, repeater hubs. A switch must be able to read the MAC address of each frame it receives. This
information allows switches to repeat incoming data frames only to the computer or computers to
which a frame is addressed. This speeds up the network and reduces congestion.
Switches operate at both the physical layer and the data link layer of the OSI Model.

Bridges

A bridge is used to join two network segments together; it allows computers on either segment to
access resources on the other. Bridges can also be used to divide large networks into smaller
segments. Bridges have all the features of repeaters, but can have more nodes, and since the
network is divided, there are fewer computers competing for resources on each segment, thus
improving network performance.
Bridges can also connect networks that run at different speeds, different topologies, or different
protocols. But they cannot join an Ethernet segment with a Token Ring segment, because these
use different networking standards.
Bridges operate at both the Physical Layer and the MAC sublayer of the Data Link layer. Bridges
read the MAC header of each frame to determine on which side of the bridge the destination device
is located; the bridge then repeats the transmission to the segment where the device is located.

Routers

A router is a device used to connect networks of different types, such as those using different
topologies and protocols. Routers can operate at the first three layers of the OSI Model. This means
they can switch and route packets across multiple networks. Routers determine the best path for
sending data.
You can use routers to segment a large network, and to connect local area segments to a single
network backbone that uses a different physical layer and data link layer standard. They can also
be used to connect LANs to WANs.
Brouters are a combination bridge and router in one device. Brouters are more cost effective, as
both the bridge and router are combined in a single unit.

Gateways
A gateway is a device used to connect networks using different protocols. Gateways operate at the
network layer of the OSI model.
In order to communicate with a host on another network, an IP host must be configured with a
route to the destination network. If a configured route is not found, the host uses the gateway
(default IP router) to transmit the traffic to the destination host. The default gateway is where
IP sends packets that are destined for remote networks. If no default gateway is specified,
communication is limited to the local network.
Gateways receive data from a network using one type of protocol stack, remove that protocol
stack, and repackage the data with the protocol stack that the other network can use.

CSU/DSU’s

A CSU/DSU is a device that combines the functionality of a channel service unit (CSU) and a data
service unit (DSU). These devices are used to connect a LAN to a WAN, and they take care of all
the translation required to convert a data stream between these two methods of communication.
A DSU provides all the handshaking and error correction required to maintain a connection across a
wide area link, similar to a modem. The DSU will accept a serial data stream from a device on the
LAN and translate this into a useable data stream for the digital WAN network. It will also take care
of converting any inbound data streams from the WAN back to a serial communication.
A CSU is similar to a DSU except it does not have the ability to provide handshaking or error
correction. It is strictly an interface between the LAN and the WAN and relies on some other device
to provide handshaking and error correction.

Network interface cards/ISDN adapters/system area network cards

A Network Interface Card, or NIC, is a hardware card installed in a computer so it can
communicate on a network. The network adapter provides one or more ports for the network cable
to connect to, and it transmits and receives data onto the network cable.
Every networked computer must also have a network adapter driver, which controls the network
adapter. Each network adapter driver is configured to run with a certain type of network adapter.
A networked computer must also have one or more protocol drivers (sometimes called a transport
protocol or just a protocol). The protocol driver works between the upper-level network software
and the network adapter to package data to be sent on the network.
In most cases, for two computers to communicate on a network, they must use identical protocols.
Sometimes, a computer is configured to use multiple protocols. In this case, two computers need
only one protocol in common to communicate. For example, a computer running File and Printer
Sharing for Microsoft Networks that uses both NetBEUI and TCP/IP can communicate with
computers using only NetBEUI or TCP/IP.

ISDN

Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over
standard telephone cabling. ISDN adapters must be connected directly to a digital telephone
network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the
digital ISDN signal.
Like standard modems, ISDN adapters are available both as internal devices that connect directly
to a computer's expansion bus and as external devices that connect to one of a computer's serial
or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps (using a T1
carrier service).
ISDN hardware requires an NT (network termination) device, which converts network data signals
into the signaling protocols used by ISDN. Sometimes the NT interface is included, or integrated,
with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the
adapter or router must be implemented.
ISDN works at the physical, data link, network, and transport layers of the OSI Model.

Wireless access points


A wireless network adapter card with a transceiver, sometimes called an access point, broadcasts
and receives signals to and from the surrounding computers and passes data back and forth
between the wireless computers and the cabled network.
Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points
also have at least one fixed Ethernet port to allow the wireless network to be bridged to a
traditional wired Ethernet network.

Modems

A modem is a device that makes it possible for computers to communicate over telephone lines.
The word modem comes from Modulate and Demodulate. Because standard telephone lines use
analog signals and computers use digital signals, a sending modem must modulate its digital
signals into analog signals. The computer's modem on the receiving end must then demodulate
the analog signals into digital signals.
Modems can be external, connected to the computer's serial port by an RS-232 cable, or internal,
in one of the computer's expansion slots. Modems connect to the phone line using standard
telephone RJ-11 connectors.

Network+ Media and Topologies part 1


Given an example, identify a MAC address.

Every device on the network must have a unique MAC address to ensure proper receiving and
transmission of data. The MAC address is a device's actual physical address, which is usually
designated by the manufacturer of the device.

Medium Access Control sublayer operations

The purpose of the MAC sublayer is to determine when each frame should be passed on to the
physical layer to be transmitted as a data signal over the network. The MAC sublayer governs
which devices have permission to transmit data over the network and when. There are four basic
methods for controlling access to the network: polling, contention, token passing, and switching.
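To make the "identify a MAC address" objective concrete, here is an added Python example (not from the study guide) that recognises the common written forms of a MAC address and picks out the fields a practitioner checks: the manufacturer (OUI) prefix, the multicast and locally-administered bits of the first byte, and the all-ones broadcast address. The sample addresses are constructed.

```python
import re

# Added example (not from the study guide): recognise a MAC address written as
# aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff, aabb.ccdd.eeff or aabbccddeeff, and
# break it into the parts that say something about the device.

_MAC_FORMS = (
    # six hex pairs joined by one separator, colon or hyphen, used consistently
    re.compile(r"^([0-9A-Fa-f]{2})([:-])([0-9A-Fa-f]{2})(?:\2[0-9A-Fa-f]{2}){4}$"),
    # three groups of four hex digits joined by dots (Cisco style)
    re.compile(r"^[0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4}$"),
    # bare 12 hex digits
    re.compile(r"^[0-9A-Fa-f]{12}$"),
)


def parse_mac(text):
    """Return the six address bytes, or raise ValueError if text is not a MAC address."""
    s = text.strip()
    if not any(form.match(s) for form in _MAC_FORMS):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(re.sub(r"[^0-9A-Fa-f]", "", s))


def is_mac(text):
    try:
        parse_mac(text)
        return True
    except ValueError:
        return False


def describe_mac(text):
    """Canonical form plus the fields that identify what kind of address it is."""
    mac = parse_mac(text)
    first = mac[0]
    return {
        "canonical": ":".join(f"{b:02x}" for b in mac),
        # first three bytes: the manufacturer's Organizationally Unique Identifier
        "oui": ":".join(f"{b:02X}" for b in mac[:3]),
        # last three bytes: the value the manufacturer assigned to this interface
        "nic_specific": ":".join(f"{b:02x}" for b in mac[3:]),
        # lowest bit of the first byte set: group (multicast) address, not one device
        "multicast": bool(first & 0x01),
        # second-lowest bit set: address chosen by an administrator or software,
        # not burned in by the manufacturer
        "locally_administered": bool(first & 0x02),
        "broadcast": mac == b"\xff" * 6,
    }


if __name__ == "__main__":
    # constructed sample addresses
    for sample in ("00:1A:2B:3C:4D:5E", "01:00:5e:00:00:fb", "0011.2233.4455", "ff-ff-ff-ff-ff-ff"):
        print(sample, "->", describe_mac(sample))
```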

Identify the seven layers of the OSI model and describe their functions.

The Open Systems Interconnection (OSI) Reference Model is a modular framework for developing
standards that is based on a division of network operations into seven sets of network services.

Data travels from the sending computer down through all the layers to the physical layer where the
data is put onto the network cabling, and then sent to the physical layer of the receiving computer
where the process reverses and the data travels up through the layers to the application layer of
the receiving computer.
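The trip down and back up the layers reads more concretely in code. The following added Python example (not part of the study guide) wraps a constructed application payload in UDP, IPv4 and Ethernet headers in turn, then parses the frame back one layer at a time and verifies the IPv4 header checksum. The addresses, ports and payload are made-up sample values; the Ethernet FCS that the NIC appends and the optional UDP checksum are left out.

```python
import socket
import struct

# Added example (not from the study guide): one payload travelling down the
# stack (application data -> UDP -> IPv4 -> Ethernet) and back up again.
# Addresses, ports and the payload are constructed sample values.

ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17


def ip_checksum(data):
    """Internet checksum (RFC 1071): ones' complement of the ones' complement sum
    of the 16-bit words. A header that already carries its checksum sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def build_udp(src_port, dst_port, payload):
    # transport layer: ports identify the sending and receiving applications
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload


def build_ipv4(src_ip, dst_ip, proto, payload, ttl=64):
    # network layer: logical addresses, the protocol carried, and a header checksum
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(payload),   # version/IHL, TOS, total length
                         0x1234, 0x4000,               # identification, flags (DF) + offset
                         ttl, proto, 0,                # TTL, protocol, checksum placeholder
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    header = header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:]
    return header + payload


def build_ethernet(dst_mac, src_mac, ethertype, payload):
    # data link layer: physical addresses and the type of packet carried
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload


def encapsulate(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, data):
    """Sending side: each layer adds its header in front of what it was given."""
    segment = build_udp(src_port, dst_port, data)
    packet = build_ipv4(src_ip, dst_ip, IPPROTO_UDP, segment)
    return build_ethernet(dst_mac, src_mac, ETHERTYPE_IPV4, packet)


def decapsulate(frame):
    """Receiving side: strip the headers in reverse order and return what each
    layer contributed; raises ValueError if the IPv4 header is damaged."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ip_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[9] != IPPROTO_UDP:
        raise ValueError("not a UDP packet")
    segment = packet[ihl:total_len]
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    return {
        "data_link": {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":")},
        "network": {"src_ip": socket.inet_ntoa(packet[12:16]),
                    "dst_ip": socket.inet_ntoa(packet[16:20]), "ttl": packet[8]},
        "transport": {"src_port": src_port, "dst_port": dst_port},
        "application": segment[8:udp_len],
    }


if __name__ == "__main__":
    frame = encapsulate("00:11:22:33:44:55", "66:77:88:99:aa:bb",
                        "192.0.2.10", "192.0.2.20", 40000, 53, b"hello")
    print(len(frame), "bytes on the wire:", frame.hex())
    for layer, fields in decapsulate(frame).items():
        print(f"{layer:12s} {fields}")
```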
Layer | Description | Devices | Protocols
Application | Gives user applications access to the network. This layer represents the services that directly support the user applications, such as software for file transfers, database access, and e-mail. | Gateway | SNMP, SMTP, FTP, TELNET, HTTP, NCP, SMB, AppleTalk
Presentation | Encodes and converts user information into binary data. Provides protocol conversion, encryption, and compression. | Gateway and redirectors | NCP, AFP, TDI
Session | Opens, manages, and closes conversations between two computers. It performs name recognition and the functions, such as security, needed to allow two applications to communicate over the network; also provides error handling. | Gateway | NetBIOS
Transport | Sequences data packets, and requests retransmission of missing packets. It also repackages messages for more efficient transmission over the network. | Gateway | NetBEUI, TCP, SPX, NWLink
Network | Routes data packets across network segments. Translates logical addresses and names into physical addresses. | Router, Brouter | IP, IPX, NWLink, NetBEUI
Data Link | Transmits frames of data from computer to computer on the same network segment. | Switch, Bridge, and Brouter | None
Physical | Defines cabling and connections. Transmits data over the physical media. | Repeaters, Hubs, Transceivers, Amplifiers | None

Differentiate between the following network protocols in terms of routing, addressing schemes, interoperability, and naming conventions:

TCP/IP

Transmission Control Protocol: a connection-based Internet protocol responsible for breaking data
into packets, which the IP protocol sends over the network. IP is located at the TCP/IP Internet
layer, which corresponds to the network layer of the OSI Model. IP is responsible for routing packets
by their IP address.
IP is a connectionless protocol, which means IP does not establish a connection between source
and destination before transmitting data; thus packet delivery is not guaranteed by IP. Instead,
this must be provided by TCP. TCP is a connection-based protocol and is designed to guarantee
delivery by monitoring the connection between source and destination before data is transmitted.
TCP places packets in sequential order and requires acknowledgment from the receiving node that
they arrived properly before any new data is sent.
IPX/SPX

Internetwork Packet Exchange/Sequenced Packet Exchange was developed by Novell and is used
primarily on networks that use the Novell NetWare network operating system. The IPX and SPX
protocols provide services similar to those offered by IP and TCP. Like IP, IPX is a connectionless
network layer protocol. SPX runs on top of IPX at the transport layer and, like TCP, provides
connection-oriented, guaranteed delivery.
IPX nodes do not have to be configured with a unique node identifier; instead, they copy the MAC
address of the network interface card into the IPX node address field. The IPX header contains
information about which transport layer protocol receives a particular packet. With IPX, this
information is contained in the destination socket field. Servers have pre-specified destination
socket numbers, so workstations always know what value to use to send information to the server.
In contrast, these workstations assign source socket numbers dynamically for their own protocols
outside the server socket number range.
IPX routing protocols require each logical network to have a different network number in order to
forward IPX packets correctly. But, unlike IP, with IPX only servers and routers must be configured
with a network number. New network stations first use dynamic Routing Information Protocol (RIP)
routing packets to learn network topography and configuration from servers and routers and then
configure themselves accordingly.
Because IPX is a connectionless protocol, NetWare servers are unable to tell if a station's
connection to the server is currently active. To avoid reserving resources for inactive users, the
NetWare server sends a watchdog packet to a client after a predetermined length of inactivity. The
packet asks if the client is still connected and, if the client does not respond, the server terminates
the connection.
SPX is connection oriented and, thus, does not require the use of watchdog packets. However,
network devices will keep an SPX session open by sending keep alive packets to verify the
connection.

NetBEUI

NetBIOS Enhanced User Interface was designed as a small, efficient protocol for use in
department-sized LANs of 20-200 computers that do not need to be routed to other subnets.
NetBEUI is used almost exclusively on small, non-routed networks.
As an extension of NetBIOS, NetBEUI is not routable; therefore networks supporting NetBEUI must
be connected with bridges rather than routers. Like NetBIOS, the NetBEUI interface must be
adapted to routable protocols like TCP/IP for communication over WANs.

AppleTalk

AppleTalk is a LAN architecture built into all Apple Macintosh computers. While AppleTalk is a
proprietary network, many companies now market AppleTalk-based products, including Novell and
Microsoft. Designed to be link layer independent, AppleTalk supports Apple's LocalTalk
cabling scheme, but also runs over Ethernet (EtherTalk), Token Ring (TokenTalk), and Fiber
Distributed Data Interface, or FDDI (FDDITalk).
AppleTalk node addresses are assigned dynamically to ensure minimal network administration
overhead. When a node running AppleTalk starts up, it generates a random network layer protocol
address and then sends out a broadcast to determine whether that particular address is already in
use. If it is, the node with the conflicting address responds and the broadcasting node selects a
new address and repeats the inquiry process.

Identify the OSI layers at which the following network components operate: hubs,
switches, bridges, routers, and network interface cards

Layer | Devices
Application | Gateway
Presentation | Gateway and redirectors
Session | Gateway
Transport | Gateway
Network | Router, Brouter
Data Link | Switch, Bridge, and Brouter
Physical | NICs, Repeaters, Hubs, Transceivers, Amplifiers

Define the purpose and function of the following protocols within TCP/IP:

IP

Internet Protocol is the standard for data packet delivery over the Internet. IP is a network layer
protocol that provides network addressing for identifying senders and receivers. IP also defines
how data packets can be routed across the network to their destinations.
Routers forward each packet across the Internet based on its destination IP address. Each device
attached to the Internet or any IP network must have a unique IP address.

TCP

Transmission Control Protocol: a connection-based Internet protocol responsible for breaking data
into packets, which the IP protocol sends over the network. This protocol provides a reliable,
sequenced communication stream for network communication.
UDP

User Datagram Protocol runs on top of IP and is used as an alternative to TCP. UDP does not,
however, provide any error checking for guaranteeing packet delivery. Because UDP is not as
complex as TCP, it is also faster. It is often used for broadcast messages and for streaming audio
and video. UDP is a connectionless transport protocol.

FTP

File Transfer Protocol is used for exchanging files in a TCP/IP environment and is implemented at
the application layer of the OSI model.

TFTP

Trivial File Transfer Protocol is a file transfer protocol that transfers files to and from a remote
computer running the TFTP service. TFTP was designed with fewer functions than FTP.

SMTP

Simple Mail Transfer Protocol is used to transfer messages between two remote computers. It is
used on the Internet and is part of the TCP/IP protocol stack.

HTTP

Hypertext Transfer Protocol is the underlying protocol for the World Wide Web. HTTP defines how
all resources on the web are transferred and what action web servers and browsers should take in
response to commands.
HTTP is a "stateless" protocol, meaning each command is executed independently, without any
knowledge of the commands that came before it.
HTTPS

The secure hypertext transfer protocol is a communications protocol designed to transfer encrypted
information between computers over the World Wide Web. HTTPS is HTTP using a Secure Sockets
Layer (SSL). A secure sockets layer is an encryption protocol invoked on a Web server that uses
HTTPS. Most implementations of the HTTPS protocol involve online purchasing or the exchange of
private information. Accessing a secure server often requires some sort of registration, login, or
purchase. The successful use of the HTTPS protocol requires a secure server to handle the request.

POP3/IMAP4

Post Office Protocol is used to retrieve e-mail from a mail server. Most e-mail applications use the
POP protocol, although some use the newer IMAP (Internet Message Access Protocol).
The older POP2 requires SMTP to send messages, while POP3 can be used with or without SMTP.

Telnet

Short for Telecommunication Network, a virtual terminal protocol allowing a user logged on to one
TCP/IP host to access other hosts on the network.

ICMP

Internet Control Message Protocol is a maintenance protocol in the TCP/IP suite, required in every
TCP/IP implementation, that allows two nodes on an IP network to share IP status and error
information. ICMP is used by the ping utility to determine the reachability of a remote system.

ARP

Address Resolution Protocol is a TCP/IP protocol used to convert an IP address into a physical
address, such as an Ethernet address. A host wishing to obtain a physical address broadcasts an
ARP request onto the TCP/IP network. The host on the network that has the IP address in the
request then replies with its physical hardware address.
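The request/reply exchange just described, as an added Python example that is not from the study guide: it packs and parses the 28-byte ARP body used on Ethernet/IPv4 networks, builds the request a host broadcasts, and shows that only the host owning the requested IP address answers. The addresses are constructed sample values.

```python
import socket
import struct

# Added example (not from the study guide): ARP request and reply bodies for
# Ethernet (hardware type 1, 6-byte addresses) carrying IPv4 (protocol type
# 0x0800, 4-byte addresses). Field layout and constants follow RFC 826.

ARP_REQUEST, ARP_REPLY = 1, 2
HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
_ARP_FMT = "!HHBBH6s4s6s4s"          # htype, ptype, hlen, plen, op, sha, spa, tha, tpa
ARP_LEN = struct.calcsize(_ARP_FMT)  # 28 bytes
ZERO_MAC = "00:00:00:00:00:00"


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Pack one ARP body; the Ethernet header around it is not included."""
    return struct.pack(_ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, opcode,
                       mac_bytes(sender_mac), socket.inet_aton(sender_ip),
                       mac_bytes(target_mac), socket.inet_aton(target_ip))


def parse_arp(data):
    """Unpack an ARP body into named fields, rejecting anything not Ethernet/IPv4."""
    if len(data) < ARP_LEN:
        raise ValueError("ARP body truncated")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(_ARP_FMT, data[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP body")
    return {
        "op": {ARP_REQUEST: "request", ARP_REPLY: "reply"}.get(op, op),
        "sender_mac": mac_text(sha), "sender_ip": socket.inet_ntoa(spa),
        "target_mac": mac_text(tha), "target_ip": socket.inet_ntoa(tpa),
    }


def arp_request(my_mac, my_ip, wanted_ip):
    """The body a host broadcasts to ask "who has wanted_ip?". The target MAC
    is unknown, so it is sent as all zeros; the surrounding Ethernet frame
    goes to ff:ff:ff:ff:ff:ff so every host on the segment sees it."""
    return build_arp(ARP_REQUEST, my_mac, my_ip, ZERO_MAC, wanted_ip)


def answer_request(body, my_mac, my_ip):
    """What a receiving host does with a request: reply, addressed back to
    the asker, only if the requested IP address is its own; otherwise None."""
    req = parse_arp(body)
    if req["op"] != "request" or req["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, req["sender_mac"], req["sender_ip"])


if __name__ == "__main__":
    # constructed sample exchange between two hosts on one segment
    req = arp_request("00:11:22:33:44:55", "192.0.2.10", "192.0.2.20")
    print("request:", parse_arp(req))
    reply = answer_request(req, "66:77:88:99:aa:bb", "192.0.2.20")
    print("reply:  ", parse_arp(reply))
```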

NTP

The Network Time Protocol is used to synchronize the time of a computer client or server to
another server or reference time source, such as a radio or satellite receiver or modem. It provides
accuracies typically within a millisecond on LANs and up to a few tens of milliseconds on WANs.

Define the function of common TCP and UDP ports.

All upper layer applications that use TCP or UDP have a port number that identifies the application.
This enables the port number to identify the type of service that one TCP system is requesting from
another.
Some commonly used ports
Port Number | Service
80 | HTTP
21 | FTP
110 | POP3
25 | SMTP
23 | Telnet

Protocols and Standards Part 2
2.7 Given a network implementation scenario, select the appropriate network service
(e.g., DHCP/bootp, DNS, NAT/ICS, WINS, and SNMP).

DHCP/bootp
Dynamic Host Configuration Protocol is a server service. When a DHCP server is configured on a
network , clients that support DHCP can request TCP/IP configuration information from the server.
This makes makes configuration of TCP/IP much easier on the client computer.
For example the following can be automatically obtained:

• The IP address
• The subnet mask
• Default Gateway

All these settings are automatically bound to the network card of the client computer. It is possible
for DHCP to assign a different IP address to a client each time the machine logs on to the network.
A DHCP/BOOTP relay agent is hardware or software that passes DHCP/BOOTP packets from one
subnet to another subnet. If the routers that connect the subnet are RFC 1542 compliant routers,
the DHCP/BOOTP relay agent can provide IP addresses to clients in multiple subnets. If the router
cannot function as a relay agent, each subnet that has DHCP clients requires its own DHCP Server.
DNS
Domain Name System enables short alphabetical names to be assigned to IP addresses to
describe where a computer is located. For example, instead of trying to remember an IP address
composed of numbers, such as 198.46.8.34, with DNS you could type HTTP://www.microsoft.com.
NAT
Network Address Translation is a process that lets an entire network connect to a PPP server and
appear as a single IP address, thus helping to conceal IP addresses from external hackers and to
alleviate address space shortage.
WINS
While DNS resolves host names to IP addresses, WINS resolves NetBIOS names to IP addresses.
Windows Internet Name Service provides a dynamic database of IP address to NetBIOS name
resolution mappings.
WINS determines the IP address associated with a particular network computer. This is called
name resolution. WINS supports network client and server computers running Windows.
WINS uses a distributed database that is automatically updated with the names of computers
currently available and the IP address assigned to each one.
DNS is an alternative for name resolution suitable for network computers with fixed IP addresses.
SNMP
Simple Network Management Protocol is a TCP/IP protocol for monitoring networks and network
components. SNMP uses small utility programs called agents to monitor behavior and traffic on the
network, in order to gather statistical data.
These agents can be loaded onto managed devices such as hubs, NICs, servers, routers, and
bridges. The gathered data is stored in a MIB (management information base).
To collect the information in a usable form, a management program console polls these agents and
downloads the information from their MIBs, which then can be displayed as graphs and charts or
sent to a database program to be analyzed.

2.8 Identify IP addresses (IPv4 IPv6) and their default subnet masks.

An IP address is a 32-bit number comprised of a host number and a network prefix, both of which are
used to uniquely identify each node within a network. A shortage of available IP addresses has prompted
the creation of an addressing scheme known as Classless Inter-Domain Routing (CIDR). Among
other capabilities, CIDR allows one IP address to designate many unique IP addresses within a
network. In addition, the current version of the IP address, IPv4, is being upgraded to IPv6. The
latter uses a 128-bit address, allowing for 2^128 total IP addresses, as opposed to IPv4's 2^32.
IPv4 Class A, B, and C addresses and their default subnet masks
To accommodate different size networks, IP defines several address classes. Classes A, B, and C
are used for host addressing, and the only difference between the classes is the length of the
NET_ID subfield:
Class A - addresses are intended for very large networks and can address up to 16,777,216 (2^24)
hosts per network. The first octet of a Class A address will be a number between 1 and 126, the
network ID start bit is 0 and the default subnet mask is 255.0.0.0
Class B - addresses are intended for moderate sized networks and can address up to 65,536 (2^16)
hosts per network. The first octet of a Class B address will be a number between 128 and 191, the
network ID start bits are 10 and the default subnet mask is 255.255.0.0
Class C - addresses are intended for small networks and can address only up to 254 (2^8 - 2) hosts
per network. The first octet of a Class C address will be a number between 192 and 223, the
network ID start bits are 110 and the default subnet mask is 255.255.255.0

2.9 Identify the purposes of subnetting and default gateways.

Default Gateways
A gateway is a device used to connect networks using different protocols. Gateways operate at the
network layer of the OSI model.
In order to communicate with a host on another network, an IP host must be configured with a
route to the destination network. If a configured route is not found, the host uses the default
gateway to transmit the traffic to the destination host. The default gateway is where IP sends
packets that are destined for remote networks. If no default gateway is specified, communication is
limited to the local network.
Gateways receive data from a network using one type of protocol stack, remove that protocol
stack and repackage it with the protocol stack that the other network can use.
Subnetworks
A subnet mask is used to mask a portion of the IP address, so that TCP/IP can tell the difference
between the network ID and the host ID. TCP/IP uses the subnet mask to determine whether the
destination is on a local or remote network.
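An added example, not from the study guide, that applies the classful rules of 2.8 and the subnet-mask test of 2.9: classify an address by its first octet, apply the default mask, and decide whether a destination is local or must go to the default gateway. All addresses below are constructed.

```python
import ipaddress
from typing import Optional

# Added example, not from the study guide. Default masks per address class as
# listed in 2.8; the addresses used in the checks are constructed.
DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def address_class(ip: str) -> str:
    """Classify by the first octet: 1-126 -> A, 128-191 -> B, 192-223 -> C."""
    first = int(ip.split(".")[0])
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    raise ValueError(f"{ip}: not a Class A, B or C host address")


def default_mask(ip: str) -> str:
    """Default subnet mask for the address's class."""
    return DEFAULT_MASKS[address_class(ip)]


def network_id(ip: str, mask: str) -> str:
    """Bitwise AND of address and mask: this is how TCP/IP separates the
    network ID from the host ID."""
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(ip_int & mask_int))


def is_local(src: str, dst: str, mask: str) -> bool:
    """True when src and dst share a network ID under mask, so the packet is
    delivered directly; False when it must go through a router."""
    return network_id(src, mask) == network_id(dst, mask)


def next_hop(src: str, dst: str, mask: str, gateway: Optional[str]) -> str:
    """Where the sending host forwards a packet: the destination itself if it is
    local, otherwise the default gateway. With no gateway configured, remote
    destinations are unreachable (communication limited to the local network)."""
    if is_local(src, dst, mask):
        return dst
    if gateway is None:
        raise RuntimeError(f"{dst} is remote and no default gateway is configured")
    return gateway
```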

2.10 Identify the basic characteristics (e.g., speed, capacity, media) of the following
WAN technologies:

Packet switching vs. circuit switching


WAN technologies use either circuit switching or packet switching as a connection method.
With circuit switching, data travels over a fixed path that is established at the beginning of the
connection and remains open until the connection is terminated. A telephone call is an example of
a circuit switched link. When you dial a number, the telecommunication provider establishes an
open circuit between your phone and the phone of the person you are calling. No other calls can be
placed over this circuit until you hang up.
Packet switching offers more efficient use of a telecommunication provider's network bandwidth.
With packet switching, the switching mechanisms on the network route each data packet from
switch to switch individually over the network using the best-available path. Any one physical link
in a packet-switched network can carry packets from many different senders and for many
different destinations. In a circuit switched connection, by contrast, the bandwidth is dedicated to
one sender and receiver only.
ISDN
Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over
standard telephone cabling. ISDN adapters must be connected directly to a digital telephone
network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the
digital ISDN signal.
Like standard modems, ISDN adapters are available both as internal devices that connect directly
to a computer's expansion bus and as external devices that connect to one of a computer's serial
or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps using a T1
service.
ISDN hardware requires an NT (network termination) device, which converts network data signals
into the signaling protocols used by ISDN. Sometimes the NT interface is included, or integrated,
with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the
adapter or router must be implemented.
ISDN works at the physical, data link, network, and transport layers of the OSI Model.
FDDI
Fiber Distributed Data Interface shares many of the same features as token ring, such as token
passing and the continuous network loop configuration. But FDDI has better fault tolerance
because of its use of a dual, counter-rotating ring that enables the ring to reconfigure itself in case
of a link failure. FDDI also has higher transfer speeds, 100 Mbps for FDDI, compared to 4 - 16
Mbps for Token Ring.
Unlike Token Ring, which uses a star topology, FDDI uses a physical ring. Each device in the ring
attaches to the adjacent device using a two stranded fiber optic cable. Data travels in one direction
on the outer strand and in the other direction on the inner strand. When all devices attached to the
dual ring are functioning properly, data travels on only one ring. FDDI transmits data on the
second ring only in the event of a link failure.
Media: Fiber-optic
MAC Method: Token passing
Signal Propagation Method: Forwarded from device to device (or port to port on a hub) in a closed loop
Speed: 100 Mbps
Topologies: Double ring, Star
Maximum Connections: 500 nodes
ATM
To transmit data, Asynchronous Transfer Mode uses fixed-size packets 53 bytes long, called cells,
and provides data transfer rates from 25 Mbps to 2400 Mbps. ATM can be used with twisted pair
and fiber optic cabling.
By using standard sized cells, ATM can provide constant, high-speed data streams that audio,
video, and imaging applications require.
Frame Relay
Frame Relay is a WAN technology whose connection speeds range from 56 Kbps to 1.544 Mbps using a
T1 carrier service, and up to 45 Mbps using a T3 carrier service. Frame Relay is a packet
switched networking protocol.
To connect two or more LANs using Frame Relay, a company must lease one dedicated access line
to the Frame Relay network for each LAN. Frame Relay access lines often use a T1/ E1 line.
Sonet/SDH
Synchronous Optical Network is a standard for optical telecommunications transport. It was
formulated by the ECSA for ANSI, which sets industry standards in the United States for
telecommunications and other industries. The comprehensive SONET/synchronous digital hierarchy
(SDH) standard is expected to provide the transport infrastructure for worldwide
telecommunications for at least the next two or three decades.
T1/E1
A 1.544 Mbps point to point dedicated, digital circuit provided by the telephone companies. T1 lines
are widely used for private networks as well as interconnections between an organization's LAN and
the telco.
A T1 line uses two pairs of wire, one to transmit and one to receive, and time division multiplexing
(TDM) to interleave 24 64-Kbps voice or data channels. The standard T1 frame is 193 bits long,
which holds 24 8-bit voice samples and one synchronization bit, with 8,000 frames transmitted per
second. T1 is not restricted to digital voice or to 64 Kbps data streams. Channels may be combined
and the total 1.544 Mbps capacity can be broken up as required.
T3/E3
A T3 line is a super high-speed connection capable of transmitting data at a rate of 45 Mbps. A T3
line represents a bandwidth equal to about 672 regular voice-grade telephone lines, which is wide
enough to transmit real time video, and very large databases over a busy network. A T3 line is
typically installed as a major networking artery for large corporations, universities with high-
volume network traffic and for the backbones of the major Internet service providers.
OC
Optical Carrier designations are used to specify the speed of fiber optic networks that conform to
the SONET standard.
Level   Speed
OC-1    51.85 Mbps
OC-3    155.52 Mbps
OC-12   622.08 Mbps
OC-24   1.244 Gbps
OC-48   2.488 Gbps

2.11 Define the function of the following remote access protocols and services:

RAS
Remote Access Service is a service that provides remote networking for telecommuters, mobile
workers, and system administrators who monitor and manage servers at multiple branch offices.
Users with RAS can dial in to remotely access their networks for services such as file and printer
sharing, electronic mail, scheduling, and SQL database access.
PPP
Point-to-Point Protocol facilitates Internet connections over serial lines, including modem
connections. PPP software requires only a destination address (usually a phone number for modem
connections) and a user login in order to negotiate a complete configuration for each session.
VPN
Virtual private network: a remote LAN that can be accessed through the Internet by using PPTP.

2.12 Identify the following security protocols and describe their purpose and function:

IPsec
IP Security is a set of protocols used to support secure exchange of packets at the IP layer.
IPsec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only the
data portion of each packet, but leaves the header untouched. The more secure Tunnel mode
encrypts both the header and the data portion.
For IPsec to work, the sending and receiving devices must share a public key. This is accomplished
through a protocol known as Internet Security Association and Key Management Protocol/Oakley,
which allows the receiver to obtain a public key and authenticate the sender using digital
certificates.
L2TP
Layer Two Tunneling Protocol, an extension to the PPP protocol that enables ISPs to operate Virtual
Private Networks. L2TP combines the best features of two other tunneling protocols: PPTP from
Microsoft and L2F from Cisco Systems.
PPTP
PPTP is a networking technology that supports multiprotocol virtual private networks, enabling
remote users to access networks securely across the Internet by dialing into an ISP or by
connecting directly to the Internet.
SSL
Secure Sockets Layer is a protocol that supplies secure data communication through data
encryption and decryption. SSL enables communications privacy over networks by using a
combination of public key and bulk data encryption.
Kerberos
An authentication system, Kerberos is designed to enable two parties to exchange private
information across an open network. It works by assigning a unique key, called a ticket, to each
user that logs on to the network. The ticket is then embedded in messages to identify the sender of
the message.

2.13 Define the purpose and function of Voice Over IP.

VoIP is the ability to make telephone calls and send faxes over IP based data networks with a
suitable quality of service (QoS) and superior cost/benefit.
Network Implementation
3.1 Describe the basic capabilities (i.e., client support, interoperability, authentication,
file and print services, application support, and security) of the following server
operating systems:

UNIX/Linux
Interoperability
Open source software such as SAMBA is used to provide Windows users with Server Message Block
(SMB) file sharing.
Authentication
Centralized login authentication
File and Print Services
Network File System (NFS) is a distributed file system that allows users to access files and
directories located on remote computers and treat those files and directories as if they were local.
LPR/LPD is the primary UNIX printing protocol used to submit jobs to the printer. The LPR
component initiates commands such as "print waiting jobs," "receive job," and "send queue state,"
and the LPD component in the print server responds to them.
Security
With most Unix operating systems, the network services can be individually controlled to increase
security.
Netware
Client Support
NetWare 5 comes with Novell Client software for three client platforms: DOS and Windows 3.1x,
Windows 95/98, and Windows NT.
Interoperability
You can set the Novell Clients for Windows 95/98 and Windows NT to work with one of three
network protocol options: IP only, IP and IPX, or IPX only.
Authentication
Centralized login authentication
File and Print Services
File Services: NetWare offers two choices of mutually compatible file services: Novell Storage
Services (NSS) and the traditional NetWare File System. Both kinds of file services let you store,
organize, manage, access, and retrieve data on the network.
NSS gathers all unpartitioned free space that exists on all the hard drives connected to your server,
together with any unused space in NetWare volumes, and places it into a storage pool. You create
NSS volumes from this storage pool during server installation or later through NWCONFIG.
Novell Distributed Print Services (NDPS) is the default and preferred print system in NetWare.
NDPS supports IP-based as well as IPX-based printing.
Security
Novell has support for a public key infrastructure built into NetWare 5 using a public certificate,
developed by RSA Security.
Windows 2000
Client Support
Windows 3.x, Windows 95, Windows 98, and Windows NT Workstation 4.0.
Interoperability
Windows 2000 Server supports UNIX, Novell NetWare, Windows NT Server 4.0, and Macintosh.
Authentication
Successful user authentication in a Windows 2000 computing environment consists of two separate
processes: interactive logon, which confirms the user's identification to either a domain account or
a local computer, and network authentication, which confirms the user's identification to any
network service that the user attempts to access.
Types of authentication that Windows 2000 supports are:

• Kerberos V5 is used with either a password or a smart card for interactive logon. It is also
the default method of network authentication for services. The Kerberos V5 protocol verifies
both the identity of the user and network services.
• Secure Socket Layer/Transport Layer Security (SSL/TLS) authentication is used when a
user attempts to access a secure Web server.

File and Print Services


You can add and maintain printers in Windows 2000 using the print administration wizard, and you
can add file shares using Active Directory management tools. Windows 2000 also offers Distributed
File Services, which let you combine files on more than one server into a single share.
Security
User-level security protects shared network resources by requiring that a security provider
authenticate a user's request to access resources. The domain controller grants access to the
shared resource by verifying that the user name and password are the same as those on the user
account list stored on the network security provider. Because the security provider maintains a
network-wide list of user accounts and passwords, each client computer does not have to store a
list of accounts.
Share-level security protects shared network resources on the computer with individually assigned
passwords. For example, you can assign a password to a folder or a locally attached printer. If
other users want to access it, they need to type in the appropriate password. If you do not assign a
password to a shared resource, every user with access to the network can access that resource.
See also Encrypting File System
AppleShare
Client Support
TCP/IP file sharing with Macintosh clients using Network File System (NFS), File Transfer Protocol
(FTP), and Apple File Protocol 3.0.
Interoperability
Windows Server Message Block (SMB) file sharing.
File and Print Services
File Services:
• Apple Filing Protocol (AFP) over TCP/IP and AppleTalk
• Server Message Block (SMB) over TCP/IP
• File Transfer Protocol (FTP) over TCP/IP
Print Services:
• PAP (AppleTalk)
• LPR/LPD
Application Support
• HTTP
• Mail (SMTP, POP, IMAP and Authenticated Post Office Protocol APOP)
• Mac CGI
Mac OS X Server
Client Support
TCP/IP file sharing with Macintosh clients using Network File System (NFS), File Transfer Protocol
(FTP), and Apple File Protocol 3.0.
Interoperability
Mac OS X Server uses the Open Source SAMBA to provide Windows users with Server Message
Block (SMB) file sharing. Network File System (NFS) lets you make folders available to UNIX and
Linux users.
Authentication
Kerberos support for centralized login authentication.
File and Print Services
Mac OS X Server provides support for native Macintosh, Windows, UNIX, and Linux file sharing.
Protocols supported include:
• Apple file services (AFP 3.0) from any AppleShare client over TCP/IP
• Windows (SMB/CIFS) file sharing using Samba
• Network File System (NFS) for UNIX and Linux file access
• Internet (FTP)
Built-in print services can spool files to any PostScript-capable printer over TCP/IP, AppleTalk, or
USB. Macintosh customers can use the LPR support in Print Center or the Desktop Printer utility to
connect to a shared printer. Windows users can use their native SMB/CIFS protocol to connect to a
shared printer. Print services for OS X Server:
• Macintosh and UNIX (LPR/LPD)
• Windows (SMB/CIFS)
Application Support
• Apache web server
• QuickTime Streaming Server
• WebObjects 5 Deployment
• Mail (SMTP, POP, IMAP)
• WebDAV
• SSL
• MySQL
• PHP
• JavaServer Pages
• Java Servlets
• Mac CGI
• Perl
• Caching web proxy
Security

• Multiple-user architecture and user-level access privileges.
• Secure Sockets Layer (SSL) support provides encrypted and authenticated client/server
communications.
• Secure Shell (SSH) provides encryption and authentication for secure remote
administration.
• Kerberos support for centralized login authentication.

3.2 Describe the basic capabilities, (i.e., client connectivity, local security mechanisms,
and authentication) of the following client operating systems:

See 3.1 above

3.3 Describe the main characteristics of VLANs.

A Virtual LAN is a group of devices on one or more LANs that are configured using management
software so that they can communicate as if they were attached to the same LAN segment, when
in fact they are located on a number of different segments. Because VLANs are based on logical
instead of physical connections, they are more flexible.
For a computer to communicate with devices on a LAN segment other than the one it is located on,
a router is required. As networks expand, more routers are needed to separate users into broadcast
and collision domains and to provide connectivity to other LANs. Since routers add latency, this can
delay data transfer over the network.
Switches are used in VLANs to create the same division of the network into separate broadcast
domains, but without the latency problems of a router.
Advantages to using VLANs:
Switched networks increase performance, by reducing the size of collision domains. Users can be
grouped into logical networks which will increase performance by limiting broadcast traffic to users
performing similar functions or within individual workgroups. Less traffic needs to be routed,
causing the latency added by routers to be reduced.
VLANs provide an easier way to modify logical groups in changing environments. VLANs make large
networks more manageable by allowing centralized configuration of devices located in physically
different locations.
Software configurations can be made across machines with the consolidation of a department’s
resources into a single subnet. IP addresses, subnet masks, and local network protocols will be
more consistent across the entire VLAN.
VLANs provide independence from the physical topology of the network by allowing physically
diverse workgroups to be logically connected within a single broadcast domain.
A switched network delivers frames only to the intended recipients, and broadcast frames only to
other members of the VLAN. This allows the network administrator to segment users requiring
access to sensitive information into separate VLANs from the rest of the general user community
regardless of physical location, thus enhancing security.

Network Implementation Part 2


3.4 Describe the main characteristics of network-attached storage.

RAID
Redundant Array of Inexpensive (or Independent) Disks. A RAID array is a collection of drives
which collectively act as a single storage system, which can tolerate the failure of a drive without
losing data, and which can operate independently of each other.
Level 0, referred to as striping, is not redundant. Data is split across drives, resulting in higher data
throughput. Since no redundant information is stored, performance is very good, but the failure of
any disk in the array results in the loss of all data.
Level 1, referred to as mirroring, uses 2 hard drives. It provides redundancy by duplicating all data
from one drive on another drive. Performance is better than a single drive, and if either drive fails,
no data is lost. This is a good entry-level redundant system, since only two drives are required.
Level 2, which uses Hamming error correction codes, is intended for use with drives which do not
have built-in error detection. All SCSI drives support built-in error detection, so this level is not
needed if using SCSI drives.
Level 3 stripes data at a byte level across several drives, with parity stored on one drive. It is
otherwise similar to level 4. Byte-level striping requires hardware support for efficient use.
Level 4 stripes data at a block level across several drives, with parity stored on one drive. The
parity information allows recovery from the failure of any single drive. Performance is very good for
reads. Writes, however, require that parity data be updated each time. This slows small random
writes, in particular, though large writes or sequential writes are fairly fast.
Level 5 is striping with distributed parity. It is similar to level 4, but distributes parity among the
drives. No single disk is devoted to parity. This can speed small writes in multiprocessing systems.
Because parity data must be distributed on each drive during reads, the performance for reads
tends to be considerably lower than a level 4 array.
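An added example, not from the study guide, of the level 4/5 mechanics described above: block-level striping with rotating XOR parity (level 5), rebuilding a failed drive from the surviving blocks, and the read-modify-write of parity that makes small writes slow. Drive count, block size and data are constructed.

```python
from typing import List, Optional

# Added example, not from the study guide. Block size is tiny so the layout
# can be inspected by hand; real arrays use kilobyte stripe units.
BLOCK = 4  # bytes per stripe unit


def xor_blocks(blocks: List[bytes]) -> bytes:
    """XOR equal-length blocks together: the parity function levels 4 and 5 rely on.
    XOR of every block in a stripe (parity included) reproduces any one missing block."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        for i, byte in enumerate(blk):
            out[i] ^= byte
    return bytes(out)


def parity_drive_for(stripe: int, n_drives: int) -> int:
    """Level 5 rotates the parity block so that no single disk is devoted to parity."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data: bytes, n_drives: int) -> List[List[bytes]]:
    """Lay data out as stripes of (n_drives - 1) data blocks plus one parity block.
    Returns one list of blocks per drive; the last stripe is zero-padded."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs at least three drives")
    data_per_stripe = BLOCK * (n_drives - 1)
    padded = data + b"\x00" * (-len(data) % data_per_stripe)
    drives: List[List[bytes]] = [[] for _ in range(n_drives)]
    for s in range(len(padded) // data_per_stripe):
        chunk = padded[s * data_per_stripe:(s + 1) * data_per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, data_per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        p = parity_drive_for(s, n_drives)
        pending = iter(data_blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(pending))
    return drives


def raid5_read(drives: List[Optional[List[bytes]]], length: int) -> bytes:
    """Reassemble the first `length` bytes. A failed drive is passed as None and
    is rebuilt stripe by stripe as the XOR of the surviving blocks."""
    n = len(drives)
    failed = [d for d in range(n) if drives[d] is None]
    if len(failed) > 1:
        raise RuntimeError("RAID 5 tolerates the failure of only one drive")
    n_stripes = len(next(dr for dr in drives if dr is not None))
    out = bytearray()
    for s in range(n_stripes):
        blocks = [None if drives[d] is None else drives[d][s] for d in range(n)]
        if failed:
            blocks[failed[0]] = xor_blocks([b for b in blocks if b is not None])
        p = parity_drive_for(s, n)
        for d in range(n):
            if d != p:
                out += blocks[d]
    return bytes(out[:length])


def raid5_update_block(drives: List[List[bytes]], stripe: int, drive: int,
                       new_block: bytes) -> None:
    """Small write: read old data and old parity, write new data and new parity
    (parity' = parity ^ old ^ new). The extra parity read and write is the
    small-write penalty the text describes for levels 4 and 5."""
    p = parity_drive_for(stripe, len(drives))
    if drive == p:
        raise ValueError("that slot holds parity in this stripe")
    old = drives[drive][stripe]
    drives[p][stripe] = xor_blocks([drives[p][stripe], old, new_block])
    drives[drive][stripe] = new_block
```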

3.5 Explain when to implement fault tolerance and disaster recovery.

Fault tolerance is the ability of a system to continue functioning when part of the system fails.
Normally, fault tolerance is used in describing disk subsystems, but it can also apply to other parts
of the system or the entire system. Fully fault-tolerant systems use redundant disk controllers and
power supplies as well as fault-tolerant disk subsystems. You can also use an uninterruptible power
supply (UPS) to safeguard against local power failure.
Although the data is always available in a fault-tolerant system, you still need to make backups
that are stored offsite to protect the data against disasters such as a fire.

3.6 Given a remote connectivity scenario, select the appropriate communication approach, protocol,
and settings to apply.

IP

Determine whether the remote access server will use DHCP or a static IP address pool to obtain
addresses for dial-up clients. If you use a static IP address pool, determine whether the pool will be
ranges of addresses that are a subset of addresses from the IP network to which the server is
attached or a separate subnet. If the static IP address pool address ranges represent a different
subnet, ensure that routes to the address ranges exist in the routers of your intranet so that traffic
to connected remote access clients is forwarded to the remote access server.

IPX

Internetwork Packet Exchange (IPX) is the traditional Novell communications protocol that sends
data packets to requested destinations (such as workstations or servers).
An IPX network address is a hexadecimal number, one to eight digits (1 to FFFFFFFE), that
identifies a specific network cable segment. IPX network segments can process more than one
frame type. Each frame type that is used on the network is treated as a logical network segment
and requires its own IPX address—even though each frame type is using the same network board
and physical cable segment.

PPP

Point-to-Point Protocol is a set of industry-standard framing and authentication protocols that
enable remote access solutions to function in a multivendor network. It is recommended that you
use PPP because of its flexibility and its role as an industry standard as well as for future flexibility
with client and server hardware and software.
PPP support enables computers to dial in to remote networks through any server that complies with
the PPP standard. PPP also enables remote access clients to use any combination of IPX, TCP/IP,
NetBEUI, and AppleTalk. Remote access clients running Windows NT and Windows 2000, Windows
98, and Windows 95 can use any combination of TCP/IP, IPX, and NetBEUI and programs written to
the Windows Sockets, NetBIOS, or IPX interface. Microsoft remote access clients do not support
the use of the AppleTalk protocol over a remote access connection.
PPP standards are defined in Requests for Comments (RFCs), which are published by the Internet
Engineering Task Force and other working groups.
PPP connection sequence
When you connect to a remote computer, PPP negotiation accomplishes the following:

• Framing rules are established between the remote computer and server. This allows
continued communication (frame transfer) to occur.
• The remote access server then authenticates the remote user by using the PPP
authentication protocols (MS-CHAP, EAP, CHAP, SPAP, PAP). The protocols that are invoked
depend on the security configurations of the remote client and server.
• Once authenticated, if callback is enabled, the remote access server hangs up and calls the
remote access client.
• The Network Control Protocols (NCPs) enable and configure the remote client for the desired
LAN protocols.

PPTP: Point-to-Point Tunneling Protocol is a networking technology that supports multiprotocol virtual
private networks (VPNs), enabling remote users to access corporate networks securely across the
Internet. Unlike the Point-to-Point Protocol (PPP), which is designed to support a dial-up network
connection to the Internet, PPTP does not rely upon a dial-up connection. It can be used to provide
secure, tunneled end-to-end Internet connections through other remote access technologies, such
as Internet access provided through DSL.

Authentication

Microsoft dial-up networking clients typically use MS-CHAP authentication. Non-Microsoft dial-up
networking clients use CHAP, SPAP, and PAP authentication.
CHAP: Challenge Handshake Authentication Protocol is a challenge-response authentication protocol
that uses the industry-standard Message Digest 5 (MD5) hashing scheme to hash the response.
CHAP is used by various vendors of network access servers and clients.
MS-CHAP: Microsoft Challenge Handshake Authentication Protocol. MS-CHAP is a nonreversible,
encrypted password authentication protocol. The challenge handshake process works as follows:
• The remote access server or the IAS server sends a challenge to the remote access client
that consists of a session identifier and an arbitrary challenge string.
• The remote access client sends a response that contains the user name and a nonreversible
encryption of the challenge string, the session identifier, and the password.
• The authenticator checks the response and, if valid, the user's credentials are authenticated.
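The PPP authentication step above and the challenge handshake just described, as an added example that is not from the study guide: a generic CHAP exchange as specified in RFC 1994 (response = MD5 over identifier, secret and challenge) with both the client and the authenticator side. User names, secrets and challenge bytes are constructed; MS-CHAP uses a different response function and is not reproduced here.

```python
import hashlib
import hmac
import os
from typing import Dict, Tuple

# Added example, not from the study guide: RFC 1994 CHAP. Names and secrets
# are constructed; the challenge is random per handshake.


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """MD5(identifier || secret || challenge). Nonreversible: the secret cannot be
    recovered from what crosses the link, and each challenge yields a new value."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class ChapServer:
    """Remote access server (authenticator) side."""

    def __init__(self, secrets: Dict[str, bytes]) -> None:
        self.secrets = secrets                  # user name -> shared secret
        self.outstanding: Dict[int, bytes] = {}  # identifier -> challenge not yet answered
        self.next_id = 0

    def challenge(self) -> Tuple[int, bytes]:
        """Send a session identifier and an arbitrary challenge string."""
        ident = self.next_id & 0xFF
        self.next_id += 1
        chal = os.urandom(16)
        self.outstanding[ident] = chal
        return ident, chal

    def verify(self, ident: int, name: str, response: bytes) -> bool:
        """Check the response; a challenge may be answered only once, so a captured
        reply replayed later is rejected."""
        chal = self.outstanding.pop(ident, None)
        secret = self.secrets.get(name)
        if chal is None or secret is None:
            return False
        return hmac.compare_digest(chap_response(ident, secret, chal), response)


class ChapClient:
    """Remote access client side."""

    def __init__(self, name: str, secret: bytes) -> None:
        self.name, self.secret = name, secret

    def respond(self, ident: int, chal: bytes) -> Tuple[str, bytes]:
        return self.name, chap_response(ident, self.secret, chal)


def run_chap(server: ChapServer, client: ChapClient) -> Tuple[bool, bytes, Tuple[int, str, bytes]]:
    """Run one handshake. Returns (authenticated, bytes visible on the link,
    the reply message) so callers can confirm the secret never crosses the link
    and that a repeated reply is not accepted."""
    ident, chal = server.challenge()
    name, resp = client.respond(ident, chal)
    on_the_wire = bytes([ident]) + chal + name.encode() + resp
    return server.verify(ident, name, resp), on_the_wire, (ident, name, resp)
```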

PAP: Password Authentication Protocol uses plaintext passwords and is the least sophisticated
authentication protocol. It is typically negotiated if the remote access client and remote access
server cannot negotiate a more secure form of validation.
SPAP: Shiva Password Authentication Protocol is a reversible encryption mechanism employed by
Shiva. This form of authentication is more secure than plaintext but less secure than CHAP or MS-
CHAP.

3.7 Identify the purpose and benefits of using a firewall/proxy.

Firewall

A firewall is used to prevent unauthorized access to or from a network. Firewalls are frequently used to
prevent unauthorized users from accessing private networks connected to the Internet, especially
intranets. All messages entering or leaving the intranet pass through the firewall, which examines
each message and blocks those that do not meet the specified security criteria.
Firewall techniques:

• Packet filter looks at each packet entering or leaving the network and accepts or rejects it
based on user-defined rules.
• Application gateway applies security mechanisms to specific applications, such as FTP and
Telnet servers.
• Circuit-level gateway applies security mechanisms when a TCP or UDP connection is
established. Once the connection has been made, packets can flow between the hosts
without further checking.

Proxy

A proxy is a server that sits between a client application, such as a web browser, and a real server. When a
client program makes a request, the proxy server responds by translating the request and passing
it to the Internet. When a computer on the Internet responds, the proxy server passes that
response back to the client program on the computer that made the request. The proxy server
computer has two network interfaces: one connected to the LAN and one connected to the
Internet.
The primary security features of Proxy Server are:

• It blocks inbound connections.
• LAN clients can initiate connections to Internet servers, but Internet clients cannot initiate
connections to LAN servers.
• It can restrict outbound connections.
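The packet-filter technique and the proxy policy above (LAN may initiate, Internet may not, outbound can be restricted) as a first-match rule list. This is an added example, not code from the study notes; the LAN range 192.168.0.0/16, the rule set and the sample packets are constructed.

```python
"""Added example, not from the study notes: a minimal stateless packet filter
that evaluates packets against user-defined rules in order (first match wins,
default deny) and encodes the proxy policy described above. The LAN range,
the rule set and the sample packets are constructed for illustration."""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import List, Optional

LAN = ip_network("192.168.0.0/16")   # constructed: the private LAN side
ANY = ip_network("0.0.0.0/0")        # matches every source or destination


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str              # "tcp" or "udp"
    dport: int
    new_conn: bool = False  # True for a TCP SYN that opens a new connection


@dataclass(frozen=True)
class Rule:
    action: str                      # "accept" or "reject"
    src: IPv4Network
    dst: IPv4Network
    proto: str = "any"
    dport: Optional[int] = None      # None = any destination port
    new_conn: Optional[bool] = None  # None = do not care whether it opens a connection

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in self.src
                and ip_address(p.dst) in self.dst
                and self.proto in ("any", p.proto)
                and (self.dport is None or self.dport == p.dport)
                and (self.new_conn is None or self.new_conn == p.new_conn))


# Rule table mirroring the proxy's three security features. Order matters:
# the restriction on outbound Telnet must precede the general outbound accept.
RULES: List[Rule] = [
    Rule("reject", LAN, ANY, proto="tcp", dport=23),  # restrict outbound: no Telnet
    Rule("accept", LAN, ANY),                          # LAN clients may initiate to Internet
    Rule("reject", ANY, LAN, new_conn=True),           # Internet may not initiate to LAN
    Rule("accept", ANY, LAN, new_conn=False),          # replies to LAN-initiated traffic
]


def filter_packet(p: Packet, rules: List[Rule] = RULES) -> str:
    """Return the action of the first matching rule; unmatched packets are rejected."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "reject"   # default deny: anything the rules do not explicitly allow


# The last accept rule is the weak spot of a stateless filter: it trusts any
# inbound packet that does not look like a new connection, because it keeps no
# record of which connections the LAN actually opened. A circuit-level gateway
# (see the firewall techniques above) tracks the connection instead.
if __name__ == "__main__":
    for pkt in (Packet("192.168.1.10", "203.0.113.5", "tcp", 80, new_conn=True),
                Packet("203.0.113.5", "192.168.1.10", "tcp", 445, new_conn=True),
                Packet("192.168.1.10", "203.0.113.5", "tcp", 23, new_conn=True)):
        print(pkt.src, "->", pkt.dst, pkt.proto, pkt.dport, filter_packet(pkt))
```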

3.8 Given a scenario, predict the effects of a particular security implementation on
network performance.

Encryption

Windows 2000
The Encrypting File System (EFS) provides the core file encryption technology used to store
encrypted files on NTFS file system volumes. Once you encrypt a file or folder, you work with the
encrypted file or folder just as you do with any other files and folders. Encryption is transparent to
the user that encrypted the file. This means that you do not have to decrypt the encrypted file
before you can use it. You can open and change the file as you normally do. However, an intruder
who tries to access your encrypted files or folders will be prevented from doing so. An intruder
receives an access denied message if the intruder tries to open, copy, move, or rename your
encrypted file or folder.
You encrypt or decrypt a folder or file by setting the encryption property for folders and files just as
you set any other attribute such as read-only, compressed, or hidden. If you encrypt a folder, all
files and subfolders created in the encrypted folder are automatically encrypted. It is recommended
that you encrypt at the folder level.
You can also encrypt or decrypt a file or folder using the command-line utility cipher. For more
information about the cipher command, type cipher /? at a command prompt.
Main points about EFS:

• Only files and folders on NTFS volumes can be encrypted.
• You cannot encrypt files or folders that are compressed. First you must uncompress the file or
folder, then you can encrypt it. On a compressed volume, uncompress folders you want to encrypt.
• You cannot share encrypted files.
• Encrypted files can become decrypted if you copy or move the file to a volume that is not an NTFS
volume.
• Use cutting and pasting to move files into an encrypted folder. If you use a drag-and-drop
operation to move the files, they will not automatically be encrypted in the new folder.
• System files cannot be encrypted.
• Encrypting a folder or file does not protect against deletion. Anyone with delete permission can
delete encrypted folders or files.

3.9 Given a network installation scenario, select the appropriate NIC and configuration
settings.

full/half duplex

Half duplex refers to the transmission of data in just one direction at a time. Full duplex refers to
the transmission of data in two directions simultaneously. Most NICs contain a setting that lets you
select between half-duplex and full-duplex modes.

Speeds

Make sure the NIC matches the speed of the network: on a 100Base-TX network, use a NIC capable of
100 Mbps.

Network Support
4.1 Given a troubleshooting scenario, select the appropriate TCP/IP utility from among
the following:

tracert

The tracert utility runs at a command prompt. It traces the path from your computer to a hostname or
IP address. It does this by sending ICMP echo packets to the named host with increasing time-to-live
(TTL) values, so that each router along the path reports itself in turn. This shows how many hops the
packets have to travel and how long each hop takes.
Syntax for tracert:

• -d Do not resolve addresses to hostnames.
• -h Maximum number of hops to search for target.
• -j Loose source route along host-list.
• -w Change time-out value.

ping
ping is a command that sends a packet to a host on the Internet or within an intranet and waits for the
reply. This verifies that TCP/IP is configured correctly and that a connection can be made.
The basic ping command syntax is "ping hostname".
ping 127.0.0.1 pings the loopback address and verifies that the TCP/IP stack on the computer you are
pinging from is installed and working.

arp

Address Resolution Protocol, a TCP/IP protocol used to convert an IP address into a physical
address (called a DLC address), such as an Ethernet address. A host wishing to obtain a physical
address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the
IP address in the request then replies with its physical hardware address.
There is also Reverse ARP (RARP) which can be used by a host to discover its IP address. In this
case, the host broadcasts its physical address and a RARP server replies with the host's IP address.
ARP syntax:

• arp -a or arp -g Both of these commands do the same thing. They display the contents of your
current ARP cache.
• arp -s (IP address) (hardware address) Adds a static entry to the ARP cache.
• arp -d (IP address) Removes an entry from the ARP cache.

netstat

Displays protocol information and connection status and provides useful information regarding traffic
flow.
Syntax:

• netstat -i lists statistics for each interface.
• netstat -s provides a full listing of several counters.
• netstat -rs provides routing table statistics.
• netstat -an reports all open ports.

nbtstat

Checks NetBIOS connections and updates the LMHOSTS cache.
Syntax:

• -a Lists the remote machine's name table given its name.
• -A Lists the remote machine's name table given its IP address.
• -c Shows the NetBIOS cache, including the IP addresses.
• -n Lists local NetBIOS names.
• -R Reloads the NetBIOS name cache from the LMHOSTS file.

ipconfig

Allows you to view TCP/IP settings and configuration.

winipcfg

This utility allows users or administrators to see the current IP address and other useful information
about your network configuration.
You can reset one or more IP addresses. The Release or Renew buttons allow you to release or
renew one IP address. If you want to release or renew all IP addresses click Release All or Renew
All.
When one of these buttons is clicked, a new IP address is obtained from either the DHCP service or
from the computer assigning itself an automatic private IP address.
To use the winipcfg utility
1. Click Start, and then click Run and type winipcfg
2. Click More Info.
3. To see the addresses of the DNS servers the computer is configured to use, click the ellipsis
(...) button to the right of DNS Servers.
4. To see address information for your network adapter(s), select an adapter from the list in
Ethernet Adapter Information.

nslookup

Nslookup (Name Server lookup) is a UNIX shell command to query Internet domain name servers.
For example if you did an nslookup on studynotes.net these are some of the results you could
obtain.
Query        Hostname                   Real Hostname         IP Address
Nameserver   NS2.TERA-BYTE.COM          ns2.tera-byte.com     216.234.161.12
Nameserver   NS1.TERA-BYTE.COM          raptor.tera-byte.com  216.234.161.11
Nameserver   NS3.TERA-BYTE.COM          ns3.tera-byte.com     204.209.56.2
Mailserver   studynotes.net (pref = 5)  studynotes.net        216.194.69.204
Webserver    www.studynotes.net         studynotes.net        216.194.69.204
FTP server   ftp.studynotes.net         studynotes.net        216.194.69.204

Definitions

• Nameserver: These are the servers that the Internet uses to find out more about the
domain. Usually they are an ISP's computers.
• Mailserver: Where email for the domain is sent.
• Webserver: The domain's website.
• FTP server: FTP is File Transfer Protocol; this server is where files may be stored.
• Hostname: The name of the host as given by the domain.
• Real Hostname: The hostname you get by reverse-resolving the IP address; it may
be different from the given hostname.
• IP Address: A unique four-number identifier that is obtained by resolving the hostname.

4.2 Given a troubleshooting scenario involving a small office/home office network
failure (e.g., xDSL, cable, home satellite, wireless, POTS) identify the cause of
the failure.

Example:
Mary works in a small office where there are 4 computers in a peer-to-peer configuration running
Windows 98 SE. She would like to access the Internet through the modem which is attached to
Bob's computer.
How would you set this up so Mary and the other users in her office could connect to the Internet
through Bob's modem?
Solution: Install Internet Connection Sharing.
Problem: Internet Connection Sharing is installed but Mary still cannot connect through Bob's
modem.

1. Under LAN and Internet sharing settings, is Internet Connection Sharing enabled?
2. The Internet Connection Sharing wizard will set the IP address of the Connection Sharing
computer (Bob's) to 192.168.0.1. Are the other computers on the network set statically to
an IP address in the range from 192.168.0.2 to 192.168.0.253?
3. Is TCP/IP installed properly on all computers?

As you can see, this is just one of many possible scenarios, which is why we need your help.
4.3 Given a troubleshooting scenario involving a remote connectivity problem (e.g., authentication
failure, protocol configuration, physical connectivity) identify the cause of the problem.

4.4 Given a security scenario, identify the requirements for an acceptable password.

4.5 Given a network installation scenario, configure the appropriate computer/host name and user
name.

4.6 Given a network installation scenario, including specific parameters, configure a
workstation to connect to the following servers:

The following scenario was sent in by Ted

You are setting up a small office LAN. The office already has 12 Windows 98 machines running off a
NetWare 3.11 server. They need to add more clients to the network and upgrade to a new faster
server. Their budget will not allow for additional NetWare client licences, and they want you to keep
both costs and complexity at a minimum. They ask you to set them up with a Linux server. Once
the server is installed and running, how do you set up the network to allow the client computers
to connect to the Linux server (choose all that apply)? Assume the Windows clients were only set up
to network with the NetWare server.

• a. Set up NFS on the Linux server
• b. Install Services for Unix (SFU) on the Windows machines
• c. Install TCP/IP on the Windows machines
• d. Install WINE on the Linux server
• e. Set up Samba on the Linux server

Answer: c, e
The best way to connect Windows clients to Linux (or other *nixes) is Samba. Samba allows Linux to
use SMB/CIFS, on which Windows file sharing is built. (This is not the official position of Microsoft,
but more on that later.) With Samba installed and properly configured on the server, the Windows clients
will be able to connect to the server once TCP/IP is properly configured.
Whereas NFS would do the job, it would require third-party software to work with the Windows 98
clients and would not likely be transparent to the end users. SFU is only included in Windows 2000,
not Windows 98. Note that (big surprise here) Microsoft highly recommends that NFS and SFU be
used for Windows 2000 networks. WINE is a Windows emulator and would not help for network
connectivity.

4.7 Given a network installation task, select the appropriate networking tool to apply
(e.g., wire crimper, media tester/certifier, punch down tool, tone generator,
optical tester, etc.).

The following scenario was sent in by Ted

You are hired to replace a contractor on a large job. The contractor wired a large building with Cat
5 cabling, but failed to connect all of the drops to the bank of switches. They also did not label
anything. You are now asked to set up a room with 4 jacks (RJ45), but only 3 of these jacks are hot.
You realize that you need to find the other end of this cable on the patch panel and connect it to
the proper switch. What tool is the best to use to find the other end of the cable?

• a. optical tester
• b. protocol analyzer
• c. multimeter
• d. tone generator

Answer: d The tone generator could be connected at the jack and the probe used to find the other
end.
An optical tester would help to test fiber optics but not Cat 5 cable. While a multimeter could, in theory,
be used, in most cases it is impractical at best and usually impossible. A protocol analyzer would be
useless in this case: there is no traffic to analyze.

4.8 Given network maintenance scenario determine whether the visual indicators are
indicating a problem with the network.

4.9 Given a network maintenance scenario, including output from a diagnostic utility
(e.g. tracert, ping, ipconfig, etc), identify the utility and interpret the output.

The following scenario was sent in by Ted

You are the network administrator for a small company with two subnets in two locations: main
office and branch office. Julie is the manager of the branch office. She reports that a new machine
which was just installed will not connect with resources in the main office, but it can connect with
local machines. The networks are routed and use standard Class C private addresses. Main office is
192.168.1.0/24, branch is 192.168.2.0/24. The output of ipconfig looks like this:

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix .: Smallco.local
        IP Address. . . . . . .: 192.168.2.16
        Subnet Mask . . . . . .: 255.255.128.0
        Default gateway . . . . .: 192.168.2.1

What is the problem?

• a. IP address
• b. no DNS server is assigned
• c. subnet mask is wrong
• d. wrong default gateway

Answer: c Class C always has a mask of 255.255.255.0. As a result the new machine thinks that
the 192.168.1.0 network is on its subnet.
There is no evidence to suggest that the problem is the IP address. If there were a conflict you
would get a 0.0.0.0 IP address.
The symptoms could indicate a bad default gateway, but in this case the default gateway address
is on the correct subnet. Usually the router is assigned the first usable address on the subnet, and
that is what we had.
DNS server information is not displayed by ipconfig by itself. You would need to use ipconfig /all to
see that.
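The diagnosis in Ted's scenario, worked as code: parse the ipconfig output and predict where the host will send a packet for a main-office address under the wrong mask and under the corrected one. This is an added example, not part of Ted's scenario or the study notes; the sample output is transcribed from the scenario and the main-office address 192.168.1.20 is constructed.

```python
"""Added example, not part of Ted's scenario or the study notes: parse the
ipconfig output shown above and predict where the host will send a packet for
a main-office address. The sample output is transcribed from the scenario and
the main-office address 192.168.1.20 is constructed."""
import re
from typing import Dict

IPCONFIG_OUTPUT = """\
Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix .: Smallco.local
        IP Address. . . . . . .: 192.168.2.16
        Subnet Mask . . . . . .: 255.255.128.0
        Default gateway . . . . .: 192.168.2.1
"""


def to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 255) for shift in (24, 16, 8, 0))


def parse_ipconfig(text: str) -> Dict[str, str]:
    """Pull the three fields the scenario shows out of the dotted-leader ipconfig layout."""
    fields = {}
    for label, key in (("IP Address", "ip"), ("Subnet Mask", "mask"),
                       ("Default Gateway", "gateway")):
        m = re.search(rf"{label}[ .]*:\s*(\d+\.\d+\.\d+\.\d+)", text, re.IGNORECASE)
        if m:
            fields[key] = m.group(1)
    return fields


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Two addresses are on one subnet when (address AND mask) agree."""
    return to_int(a) & to_int(mask) == to_int(b) & to_int(mask)


def diagnose(cfg: Dict[str, str], remote: str) -> Dict[str, object]:
    """Predict the host's forwarding decision for `remote` under its current settings."""
    treated_as_local = same_subnet(cfg["ip"], remote, cfg["mask"])
    return {
        "local_network": to_dotted(to_int(cfg["ip"]) & to_int(cfg["mask"])),
        "gateway_reachable": same_subnet(cfg["ip"], cfg["gateway"], cfg["mask"]),
        "remote_treated_as_local": treated_as_local,
        # A host ARPs directly for "local" destinations instead of using the router,
        # so a remote subnet wrongly seen as local never reaches the gateway.
        "next_hop": remote if treated_as_local else cfg["gateway"],
    }


if __name__ == "__main__":
    cfg = parse_ipconfig(IPCONFIG_OUTPUT)
    print("as configured:", diagnose(cfg, "192.168.1.20"))
    print("with /24 mask:", diagnose(dict(cfg, mask="255.255.255.0"), "192.168.1.20"))
```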

4.10 Given a network maintenance scenario, predict the effects of modifying, adding, or
removing network components on network resources and users.

4.11 Given a network problem scenario, select an appropriate course of action based on
a general troubleshooting strategy. This strategy includes the following steps: 1)
establish symptoms 2) identify the affected area 3) establish what has changed
4) select the most probable cause 5) implement a solution 6) test the result 7)
recognize the potential effects of the solution 8) document the solution

Example:
Your network uses a star topology with 48 users and 3 hubs, one per department. Each hub
handles 16 users. Three users in one of the departments cannot access the network server. What
should you check first?
a) Network connections on the three users' computers
b) Review logon procedures with the users
c) The routing table in the router
d) The departmental hub
Solution: The departmental hub
Explanation: A star configuration consists of a network hub with several ports. Network cables
spread out from it and connect to each computer. A basic star has only one computer on each
network cable extending from the hub. When one hub goes down, each user connected to that hub
loses network access. When several users connected through the same hub report problems, check
the hub before checking individual computers.
The routing table or logon procedures are unlikely to affect only three users. Network connections
on three users' computers would be unlikely to fail at the same time.
Thanks to Kristen for the above example.

4.12 Given a troubleshooting scenario involving a network with a particular physical topology (i.e.,
bus, star/hierarchical, mesh, ring, wireless) and including a network diagram, identify the
network area affected and the cause of the problem.

4.13 Given a network troubleshooting scenario involving a client connectivity problem, identify the
problem:

incorrect protocol

client software

authentication configuration

insufficient rights/permissions

4.14 Given a network troubleshooting scenario involving a wiring/infrastructure problem, identify


the cause of the problem:

bad media

interference

network hardware

Introduction

This talk will cover the basics of IP addressing and subnetting.

Topics covered will include:

• What is an IP Address?
• What are Classes?
• What is a Network Address?
• What are Subnet Masks and Subnet Addresses?
• How are Subnet Masks defined and used?
• How can all this be applied?
• What is CIDR?
• How can I get more information?

IP Addressing
An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP network.
An IP address is a 32 bit binary number usually represented as 4 decimal values, each representing 8
bits, in the range 0 to 255 (known as octets) separated by decimal points. This is known as "dotted
decimal" notation.

Example: 140.179.220.200

It is sometimes useful to view the values in their binary form.


  140   .  179   .  220   .  200
10001100.10110011.11011100.11001000

Every IP address consists of two parts, one identifying the network and one
identifying the node. The Class of the address and the subnet mask determine
which part belongs to the network address and which part belongs to the node
address.

Address Classes
There are 5 different address classes. You can determine which class any IP address is in by examining
the first 4 bits of the IP address.

• Class A addresses begin with 0xxx, or 1 to 126 decimal.
• Class B addresses begin with 10xx, or 128 to 191 decimal.
• Class C addresses begin with 110x, or 192 to 223 decimal.
• Class D addresses begin with 1110, or 224 to 239 decimal.
• Class E addresses begin with 1111, or 240 to 254 decimal.

Addresses beginning with 01111111, or 127 decimal, are reserved for loopback
and for internal testing on a local machine. [You can test this: you should always
be able to ping 127.0.0.1, which points to yourself] Class D addresses are
reserved for multicasting. Class E addresses are reserved for future use. They
should not be used for host addresses.

Now we can see how the Class determines, by default, which part of the IP address
belongs to the network (N) and which part belongs to the node (n).

• Class A -- NNNNNNNN.nnnnnnnn.nnnnnnnn.nnnnnnnn
• Class B -- NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
• Class C -- NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn

In the example, 140.179.220.200 is a Class B address so by default the Network
part of the address (also known as the Network Address) is defined by the first two
octets (140.179.x.x) and the node part is defined by the last 2 octets
(x.x.220.200).

In order to specify the network address for a given IP address, the node section is
set to all "0"s. In our example, 140.179.0.0 specifies the network address for
140.179.220.200. When the node section is set to all "1"s, it specifies a broadcast
that is sent to all hosts on the network. 140.179.255.255 specifies the example
broadcast address. Note that this is true regardless of the length of the node
section.

Private Subnets

There are three IP network addresses reserved for private networks. The addresses are 10.0.0.0/8,
172.16.0.0/12, and 192.168.0.0/16. They can be used by anyone setting up internal IP networks, such as
a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.
Subnetting
Subnetting an IP Network can be done for a variety of reasons, including organization, use of different
physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space, and security. The
most common reason is to control network traffic. In an Ethernet network, all nodes on a segment see all
the packets transmitted by all the other nodes on that segment. Performance can be adversely affected
under heavy traffic loads, due to collisions and the resulting retransmissions. A router is used to connect
IP networks to minimize the amount of traffic each segment must receive.

Subnet Masking

Applying a subnet mask to an IP address allows you to identify the network and
node parts of the address. The network bits are represented by the 1s in the mask,
and the node bits are represented by the 0s. Performing a bitwise logical AND
operation between the IP address and the subnet mask results in the Network
Address or Number.
For example, using our test IP address and the default Class B subnet mask, we
get:

10001100.10110011.11110000.11001000  140.179.240.200  Class B IP Address
11111111.11111111.00000000.00000000  255.255.000.000  Default Class B Subnet Mask
-----------------------------------
10001100.10110011.00000000.00000000  140.179.000.000  Network Address

Default subnet masks:

• Class A - 255.0.0.0 - 11111111.00000000.00000000.00000000
• Class B - 255.255.0.0 - 11111111.11111111.00000000.00000000
• Class C - 255.255.255.0 - 11111111.11111111.11111111.00000000

More Restrictive Subnet Masks


Additional bits can be added to the default subnet mask for a given Class to further subnet, or break
down, a network. When a bitwise logical AND operation is performed between the subnet mask and IP
address, the result defines the Subnet Address (also called the Network Address or Network Number).
There are some restrictions on the subnet address. Node addresses of all "0"s and all "1"s are reserved
for specifying the local network (when a host does not know its network address) and all hosts on the
network (broadcast address), respectively. This also applies to subnets. A subnet address cannot be all
"0"s or all "1"s. This also implies that a 1 bit subnet mask is not allowed. This restriction is required
because older standards enforced it. Recent standards that allow use of these subnets have
superseded those standards, but many "legacy" devices do not support the newer standards. If you are
operating in a controlled environment, such as a lab, you can safely use these restricted subnets.

To calculate the number of subnets or nodes, use the formula (2^n - 2) where n =
number of bits in either field, and 2^n represents 2 raised to the nth power.
Multiplying the number of subnets by the number of nodes available per subnet
gives you the total number of nodes available for your class and subnet mask.
Also, note that although subnet masks with non-contiguous mask bits are allowed,
they are not recommended.

Example:

10001100.10110011.11011100.11001000  140.179.220.200  IP Address
11111111.11111111.11100000.00000000  255.255.224.000  Subnet Mask
-----------------------------------
10001100.10110011.11000000.00000000  140.179.192.000  Subnet Address
10001100.10110011.11011111.11111111  140.179.223.255  Broadcast Address

In this example a 3 bit subnet mask was used. There are 6 (2^3 - 2) subnets
available with this size mask (remember that subnets with all 0's and all 1's are not
allowed). Each subnet has 8190 (2^13 - 2) nodes. Each subnet can have nodes
assigned to any address between the Subnet address and the Broadcast address.
This gives a total of 49,140 nodes for the entire class B address subnetted this
way. Notice that this is less than the 65,534 nodes an unsubnetted class B address
would have.

You can calculate the Subnet Address by performing a bitwise logical AND
operation between the IP address and the subnet mask, then setting all the host
bits to 0s. Similarly, you can calculate the Broadcast Address for a subnet by
performing the same logical AND between the IP address and the subnet mask,
then setting all the host bits to 1s. That is how these numbers are derived in the
example above.

Subnetting always reduces the number of possible nodes for a given network.
There are complete subnet tables available here for Class A, Class B and Class C.
These tables list all the possible subnet masks for each class, along with
calculations of the number of networks, nodes and total hosts for each subnet.

An Example
Here is another, more detailed, example. Say you are assigned a Class C network number of
200.133.175.0 (apologies to anyone who may actually own this domain address). You want to utilize
this network across multiple small groups within an organization. You can do this by subnetting that
network with a subnet address.

We will break this network into 14 subnets of 14 nodes each. This will limit us to 196 nodes on the
network instead of the 254 we would have without subnetting, but gives us the advantages of traffic
isolation and security. To accomplish this, we need to use a subnet mask 4 bits long.
Recall that the default Class C subnet mask is

255.255.255.0 (11111111.11111111.11111111.00000000 binary)


Extending this by 4 bits yields a mask of
255.255.255.240 (11111111.11111111.11111111.11110000 binary)
This gives us 16 possible network numbers, 2 of which cannot be used:
Subnet bits   Network Number    Node Addresses   Broadcast Address
0000          200.133.175.0     Reserved         None
0001          200.133.175.16    .17 thru .30     200.133.175.31
0010          200.133.175.32    .33 thru .46     200.133.175.47
0011          200.133.175.48    .49 thru .62     200.133.175.63
0100          200.133.175.64    .65 thru .78     200.133.175.79
0101          200.133.175.80    .81 thru .94     200.133.175.95
0110          200.133.175.96    .97 thru .110    200.133.175.111
0111          200.133.175.112   .113 thru .126   200.133.175.127
1000          200.133.175.128   .129 thru .142   200.133.175.143
1001          200.133.175.144   .145 thru .158   200.133.175.159
1010          200.133.175.160   .161 thru .174   200.133.175.175
1011          200.133.175.176   .177 thru .190   200.133.175.191
1100          200.133.175.192   .193 thru .206   200.133.175.207
1101          200.133.175.208   .209 thru .222   200.133.175.223
1110          200.133.175.224   .225 thru .238   200.133.175.239
1111          200.133.175.240   Reserved         None
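The classful subnet arithmetic of the preceding sections (class from the leading bits, bitwise AND for the subnet address, host bits set to 1 for the broadcast, the (2^n - 2) counting rule) as working code that reproduces the 140.179.220.200 / 255.255.224.0 example and the 200.133.175.0 table above. This is an added example, not code from the study notes; the addresses are the page's own and the functions are general for any class A, B or C address and contiguous mask.

```python
"""Added example, not from the study notes: classful subnet arithmetic with the
bitwise operations the text describes. It reproduces the 140.179.220.200 /
255.255.224.0 example and the 200.133.175.0 /28 table above, using the text's
legacy (2^n - 2) counting rule. The addresses are the page's own."""
from typing import Dict, List, Tuple


def to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 255) for shift in (24, 16, 8, 0))


def address_class(ip: str) -> str:
    """Class from the leading bits of the first octet: 0xxx A, 10xx B, 110x C, 1110 D, 1111 E."""
    first = to_int(ip) >> 24
    if first & 0x80 == 0x00:
        return "A"
    if first & 0xC0 == 0x80:
        return "B"
    if first & 0xE0 == 0xC0:
        return "C"
    return "D" if first & 0xF0 == 0xE0 else "E"


DEFAULT_MASK_BITS = {"A": 8, "B": 16, "C": 24}   # 255.0.0.0, 255.255.0.0, 255.255.255.0


def mask_from_bits(bits: int) -> int:
    return (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF if bits else 0


def subnet_info(ip: str, mask: str) -> Dict[str, object]:
    """Subnet and broadcast address plus legacy subnet/host counts for ip under mask."""
    m = to_int(mask)
    if m == 0 or (m | (m - 1)) != 0xFFFFFFFF:
        raise ValueError("mask bits must be contiguous (non-contiguous masks are not recommended)")
    cls = address_class(ip)
    if cls not in DEFAULT_MASK_BITS:
        raise ValueError(f"class {cls} addresses are not used for hosts")
    mask_bits = bin(m).count("1")
    subnet_bits = mask_bits - DEFAULT_MASK_BITS[cls]
    host_bits = 32 - mask_bits
    if subnet_bits < 2:
        raise ValueError("need at least 2 subnet bits: all-0s and all-1s subnets are reserved")
    addr = to_int(ip)
    subnet = addr & m                        # AND with the mask: host bits become 0
    broadcast = subnet | (~m & 0xFFFFFFFF)   # same, then host bits set to 1
    return {
        "class": cls,
        "subnet_address": to_dotted(subnet),
        "broadcast_address": to_dotted(broadcast),
        "subnet_bits": subnet_bits,
        "host_bits": host_bits,
        "usable_subnets": 2 ** subnet_bits - 2,   # (2^n - 2): all-0s and all-1s excluded
        "usable_hosts": 2 ** host_bits - 2,       # (2^n - 2): network and broadcast excluded
        "total_hosts": (2 ** subnet_bits - 2) * (2 ** host_bits - 2),
    }


Row = Tuple[str, str, str, str, str, bool]


def enumerate_subnets(network: str, mask: str) -> List[Row]:
    """Rows of (subnet bits, network number, first node, last node, broadcast, reserved)."""
    info = subnet_info(network, mask)
    base = to_int(network) & mask_from_bits(DEFAULT_MASK_BITS[info["class"]])
    size = 2 ** info["host_bits"]
    count = 2 ** info["subnet_bits"]
    rows: List[Row] = []
    for i in range(count):
        net = base + i * size
        rows.append((format(i, f"0{info['subnet_bits']}b"), to_dotted(net),
                     to_dotted(net + 1), to_dotted(net + size - 2),
                     to_dotted(net + size - 1), i in (0, count - 1)))
    return rows


if __name__ == "__main__":
    print(subnet_info("140.179.220.200", "255.255.224.0"))
    for row in enumerate_subnets("200.133.175.0", "255.255.255.240"):
        print(*row)
```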

CIDR -- Classless InterDomain Routing

Now that you understand "classful" IP subnetting principles, you can forget them ;). The reason is
CIDR -- Classless InterDomain Routing. CIDR was invented several years ago to keep the Internet
from running out of IP addresses. The "classful" system of allocating IP addresses can be very wasteful;
anyone who could reasonably show a need for more than 254 host addresses was given a Class B address
block of 65533 host addresses. Even more wasteful were companies and organizations that were
allocated Class A address blocks, which contain over 16 million host addresses! Only a tiny percentage
of the allocated Class A and Class B address space has ever been actually assigned to a host computer
on the Internet.

People realized that addresses could be conserved if the class system was
eliminated. By accurately allocating only the amount of address space that was
actually needed, the address space crisis could be avoided for many years. This
was first proposed in 1992 as a scheme called Supernetting. Under supernetting,
the classful subnet masks are extended so that a network address and subnet
mask could, for example, specify multiple Class C subnets with one address. For
example, If I needed about 1000 addresses, I could supernet 4 Class C networks
together:

192.60.128.0   (11000000.00111100.10000000.00000000)  Class C subnet address
192.60.129.0   (11000000.00111100.10000001.00000000)  Class C subnet address
192.60.130.0   (11000000.00111100.10000010.00000000)  Class C subnet address
192.60.131.0   (11000000.00111100.10000011.00000000)  Class C subnet address
--------------------------------------------------------
192.60.128.0   (11000000.00111100.10000000.00000000)  Supernetted Subnet address
255.255.252.0  (11111111.11111111.11111100.00000000)  Subnet Mask
192.60.131.255 (11000000.00111100.10000011.11111111)  Broadcast address

In this example, the subnet 192.60.128.0 includes all the addresses from 192.60.128.0 to
192.60.131.255. As you can see in the binary representation of the subnet mask, the Network portion of
the address is 22 bits long, and the host portion is 10 bits long.

Under CIDR, the subnet mask notation is reduced to a simplified shorthand.
Instead of spelling out the bits of the subnet mask, it is simply listed as the number
of 1s bits that start the mask. In the above example, instead of writing the address
and subnet mask as

192.60.128.0, Subnet Mask 255.255.252.0

the network address would be written simply as:

192.60.128.0/22

which indicates the starting address of the network, and the number of 1s bits (22) in the network portion of the
address. If you look at the subnet mask in binary (11111111.11111111.11111100.00000000), you can
easily see how this notation works.

The use of a CIDR notated address is the same as for a Classful address. Classful
addresses can easily be written in CIDR notation (Class A = /8, Class B = /16, and
Class C = /24)
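The supernetting and CIDR notation above as code: mask to prefix length and back, classful networks written in CIDR form, and an aggregation routine that finds the common prefix of a list of networks and reports whether the resulting block covers exactly the inputs (the case in which one route can replace them). This is an added example, not code from the study notes; the routine is general beyond the four-network case in the text and assumes the input networks do not overlap.

```python
"""Added example, not from the study notes: CIDR prefix notation and supernet
aggregation done on the bits, reproducing the 192.60.128.0/22 example above.
The aggregation routine is general: it finds the common prefix of any list of
non-overlapping networks and reports whether that block covers exactly them."""
from typing import List, Tuple


def to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 255) for shift in (24, 16, 8, 0))


def prefix_from_mask(mask: str) -> int:
    """Count the leading 1 bits of a dotted mask; rejects non-contiguous masks."""
    m = to_int(mask)
    if m and (m | (m - 1)) != 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask: {mask}")
    return bin(m).count("1")


def mask_from_prefix(prefix: int) -> str:
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return to_dotted((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def cidr(network: str, mask: str) -> str:
    """'192.60.128.0' with '255.255.252.0' -> '192.60.128.0/22'."""
    return f"{network}/{prefix_from_mask(mask)}"


def classful_cidr(ip: str) -> str:
    """Write the classful network of an address in CIDR form (A = /8, B = /16, C = /24)."""
    first = to_int(ip) >> 24
    prefix = 8 if first < 128 else 16 if first < 192 else 24 if first < 224 else None
    if prefix is None:
        raise ValueError("class D/E addresses have no default network mask")
    mask = mask_from_prefix(prefix)
    return cidr(to_dotted(to_int(ip) & to_int(mask)), mask)


def supernet(networks: List[str]) -> Tuple[str, str, str, bool]:
    """Aggregate 'a.b.c.d/len' networks into (cidr, mask, broadcast, exact).

    exact is True when the aggregate contains the inputs and nothing else, which
    is what a router needs before one route can replace the individual ones.
    Inputs are assumed not to overlap one another."""
    parsed = []
    for n in networks:
        addr, plen = n.split("/")
        parsed.append((to_int(addr) & to_int(mask_from_prefix(int(plen))), int(plen)))
    first = parsed[0][0]
    # Any bit in which some input differs from the first cannot be in the common prefix.
    differing = 0
    for addr, _ in parsed:
        differing |= addr ^ first
    prefix = min(32 - differing.bit_length(), min(p for _, p in parsed))
    mask = to_int(mask_from_prefix(prefix))
    network = first & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    covered = sum(2 ** (32 - p) for _, p in set(parsed))   # addresses the inputs hold
    exact = covered == 2 ** (32 - prefix)                   # ... versus the aggregate's size
    return (f"{to_dotted(network)}/{prefix}", to_dotted(mask), to_dotted(broadcast), exact)


if __name__ == "__main__":
    print(supernet(["192.60.128.0/24", "192.60.129.0/24",
                    "192.60.130.0/24", "192.60.131.0/24"]))
    print(classful_cidr("140.179.220.200"))
```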

It is currently almost impossible for an individual or company to be allocated their
own IP address blocks. You will simply be told to get them from your ISP. The
reason for this is the ever-growing size of the internet routing table. Just 10 years
ago, there were less than 5000 network routes in the entire Internet. Today, there
are over 100,000. Using CIDR, the biggest ISPs are allocated large chunks of
address space (usually with a subnet mask of /19 or even smaller); the ISP's
customers (often other, smaller ISPs) are then allocated networks from the big
ISP's pool. That way, all the big ISP's customers (and their customers, and so on)
are accessible via 1 network route on the Internet. But I digress.

It is expected that CIDR will keep the Internet happily in IP addresses for the next
few years at least. After that, IPv6, with 128 bit addresses, will be needed. Under
IPv6, even sloppy address allocation would comfortably allow a billion unique IP
addresses for every person on earth! The complete and gory details of CIDR are
documented in RFC1519, which was released in September of 1993.

Allowed Class A Subnet and Host IP addresses

# bits  Subnet Mask      CIDR  # Subnets  # Hosts   Nets * Hosts
2       255.192.0.0      /10           2  4194302        8388604
3       255.224.0.0      /11           6  2097150       12582900
4       255.240.0.0      /12          14  1048574       14680036
5       255.248.0.0      /13          30   524286       15728580
6       255.252.0.0      /14          62   262142       16252804
7       255.254.0.0      /15         126   131070       16514820
8       255.255.0.0      /16         254    65534       16645636
9       255.255.128.0    /17         510    32766       16710660
10      255.255.192.0    /18        1022    16382       16742404
11      255.255.224.0    /19        2046     8190       16756740
12      255.255.240.0    /20        4094     4094       16760836
13      255.255.248.0    /21        8190     2046       16756740
14      255.255.252.0    /22       16382     1022       16742404
15      255.255.254.0    /23       32766      510       16710660
16      255.255.255.0    /24       65534      254       16645636
17      255.255.255.128  /25      131070      126       16514820
18      255.255.255.192  /26      262142       62       16252804
19      255.255.255.224  /27      524286       30       15728580
20      255.255.255.240  /28     1048574       14       14680036
21      255.255.255.248  /29     2097150        6       12582900
22      255.255.255.252  /30     4194302        2        8388604

Allowed Class B Subnet and Host IP addresses

# bits  Subnet Mask      CIDR  # Subnets  # Hosts   Nets * Hosts
2       255.255.192.0    /18           2    16382          32764
3       255.255.224.0    /19           6     8190          49140
4       255.255.240.0    /20          14     4094          57316
5       255.255.248.0    /21          30     2046          61380
6       255.255.252.0    /22          62     1022          63364
7       255.255.254.0    /23         126      510          64260
8       255.255.255.0    /24         254      254          64516
9       255.255.255.128  /25         510      126          64260
10      255.255.255.192  /26        1022       62          63364
11      255.255.255.224  /27        2046       30          61380
12      255.255.255.240  /28        4094       14          57316
13      255.255.255.248  /29        8190        6          49140
14      255.255.255.252  /30       16382        2          32764

Allowed Class C Subnet and Host IP addresses

# bits  Subnet Mask      CIDR  # Subnets  # Hosts   Nets * Hosts
2       255.255.255.192  /26           2       62            124
3       255.255.255.224  /27           6       30            180
4       255.255.255.240  /28          14       14            196
5       255.255.255.248  /29          30        6            180
6       255.255.255.252  /30          62        2            124
