Documente Academic
Documente Profesional
Documente Cultură
www.ine.com
“Networking”…what do YOU think of?
Copyright © www.INE.com
Does this look like YOUR computer??
Copyright © www.INE.com
The Internet…what’s your earliest memory?
Copyright © www.INE.com
Early Days of Computing
Terminals connected to computers (SDS Sigma-7 shown)
Copyright © www.INE.com
Early Days of Computing (2)
Computers connected point-to-point via modems
Telephone Company
Modem Modem
Copyright © www.INE.com
Early Days of Networking (1)
Computers connected point-to-point via modems
Project-A UCLA Stanford
Computers
Modem Modem
Telephone Company
Project-B
Computers
Modem Modem
Copyright © www.INE.com
Physical Components of Networks - Hosts
» Hosts
• Laptops
• PCs
• Tablets
• Smartphones
• Servers
Copyright © www.INE.com
Physical Components of Networks – Network Infrastructure
Copyright © www.INE.com
Cables - Copper
» Copper Cables (LAN)
• Co-axial
• Twisted Pair
Shielded Co-Axial RJ-45
Unshielded
Copyright © www.INE.com
Cables - Optics
» Fiber Optic Cables
• MMF
• SMF
• GBICs
• SFP
SFP
GBIC
Copyright © www.INE.com
Network/Topology Diagrams
Copyright © www.INE.com
Topologies – Logical and Physical
» Logical Topology
• What the network looks like to the end-device
» Physical Topology
• How the network is actually cabled
• Bus
• Star
• Ring
Copyright © www.INE.com
Cisco’s Three-Layer Heirarchical Design
» Distribution-Layer
Distribution
Access
Copyright © www.INE.com
Cisco’s Three-Layer Heirarchical Design
» Core Layer
Core
Distribution
Access
Copyright © www.INE.com
The Collapsed Core Design
Collapsed-Core Layer
Access
Copyright © www.INE.com
Describe the impact of infrastructure
components in an enterprise network
www.ine.com
Firewalls
» Inline systems that enforce an access control policy between
various network segments defined as security zones
• Can be software or hardware
» Usually deployed at network edges (Internet, WAN links)
» It has to be resistant to attacks against itself
• Usually deployed as layer 3 hop, thus it is reachable by the attacker
• Attacker cannot take-over the firewall
Copyright © www.INE.com
Firewalls
» Cisco’s current line of Firewalls;
• ASA’s: Adaptive Security Appliances
• Firepower
Copyright © www.INE.com
How do Firewalls impact the network?
» If they operate correctly, they are a huge security benefit.
» If Firewalls become overloaded they could be a source of
traffic congestion, delays, or packet drops.
» Misconfigured Firewalls, or internal applications that are
misbehaving, could block access to legitimate resources.
» They add an additional element to the network that must be
monitored.
Copyright © www.INE.com
WiFi Componenets in Enterprise Networks (1)
» Access Points
» A variety of options
• Indoor
• Outdoor
• Managed (Locally or Cloud-Based)
• Unmanaged
» WiFi NICs
Copyright © www.INE.com
WiFi Componenets in Enterprise Networks (2)
» Controllers
» A variety of options:
• Standalone
• Modularized/Integrated
• Can control different maximum quantities of APs
Copyright © www.INE.com
How do WiFi Components impact the network?
www.ine.com
What is a “Protocol”?
» Rules of operation
» May facilitate vendor interoperability
» Provides easier troubleshooting
» Governed by different standards bodies
• IEEE
• IETF
• IANA
Copyright © www.INE.com
OSI Layer
Copyright © www.INE.com
OSI Layer
Application
Presentation
Session
Transport
Network
Data Link
Physical
Copyright © www.INE.com
OSI Layer
» Upper layer
• Application
• Presentation
• Session
» Lower layer
• Transport
• Network
• Data link
• Physical
Copyright © www.INE.com
Application Layer
» Features
• Interacts with the user applications (Firefox, Outlook,
etc.)
• Provides initial network connection for user
applications
• Manages the application connections between hosts
Copyright © www.INE.com
Presentation Layer
» Performs encryption within an application
» Ensures that data is presented correctly to
the application used
» Performs translation of cross-platform
standards that may be understood by the
local machine:
• Pict. into .jpg file translation
• .wav into .mp3
Copyright © www.INE.com
Session Layer
Copyright © www.INE.com
Session Layer
» Well-known ports
• Ranges from 0 to 1023
• Port numbers used by well-known services
• Examples: HTTP(80), HTTPS(443), DNS(53),
FTP(20,21) ,TELNET(23), etc.
» Registered ports
• Reserved for the applications
• Ranges from 1024 to 65535
» Ephemeral ports
Copyright © www.INE.com
OSI Reference Model
Part 2
www.ine.com
Transport Layer
» Fragmentation
» Sequencing and reassembling
» Windowing, buffering, congestion avoidance
» Error correction
» Examples: TCP/UDP/EIGRP/OSPF
Copyright © www.INE.com
Transport Layer
» Identifying services
• TCP
• Connection oriented
• Reliable
• Protocol number 6
• UDP
• Connectionless
• Unreliable
• Protocol number 17
Copyright © www.INE.com
Network Layer
Copyright © www.INE.com
Network Layer Terminology
» Routed protocol
• Protocols that are used for identification
• IP, IPX, AppleTalk
» Routing protocol
• Protocols that determine best paths for the routed
protocols
• EIGRP, OSPF, etc.
» Example
• Router, Multilayer Switch
Copyright © www.INE.com
OSI Reference Model
Part 3
www.ine.com
Data Link Layer
» Media-Access Control
» Link-Layer Addressing
» Error Checking
Copyright © www.INE.com
Physical Layer
Copyright © www.INE.com
Encapsulation / Decapsulation
» Encapsulation: As each layer receives a PDU from the
layer above it, headers are added.
» Decapsulation: As each layer receives a PDU from the
layer below it, headers are inspected and then removed.
www.ine.com
Introduction to IPv4
» Internet Protocol version 4
• Resides at OSI Layer-3 (Network Layer)
• Connectionless
32- bits
Copyright © www.INE.com
Communication Types
» Unicast
• One-to-one communication
» Multicast
• One-to-many communication
» Broadcast
• One-to-all communication
Copyright © www.INE.com
DHCP
» Dynamic Host Configuration Protocol
• Dynamic assignment of IP information
• Based on older BootP protocol
• Client / Server
• Utilizes UDP (port 67 and 68)
Copyright © www.INE.com
DNS
» Domain Name Service
» Used by computers to resolve names to IP
addresses.
» Typically uses UDP port 53.
» DNS server responds to DNS requests
• Host sends DNS A-Record query
• DNS server responds with A-Record query response.
Copyright © www.INE.com
OSI Transport Layer - UDP
» Predominant protocols used at Layer-4
• TCP (Transmission Control Protocol)
• UDP (User Datagram Protocol)
» UDP
• Connectionless
L2/L3 Headers
UDP Source Port Number UDP Destination Port Number
Length (UDP Hdr + Data) UDP Checksum
Payload
Copyright © www.INE.com
OSI Transport Layer - TCP
» Transmission Control Protocol
• Connection-oriented
L2/L3 Headers
TCP Source Port Number TCP Destination Port Number
Sequence Number
Acknowledgment Number
Hdr
Length Resvd Control Flags Window Size
TCP Checksum Urgent Pointer
TCP Options (if any)
Payload
Copyright © www.INE.com
Binary and Decimal
www.ine.com
Binary and Decimal
• Decimal = Base10
In any given position one can select a single
digit from 0 - 9
100s 10s 1s
• Binary= Base2
In any given position one can select a single
digit from 0 - 1
4s 2s 1s
Copyright © www.INE.com
IPv4 Address Classes and
Masks
www.ine.com
Classes of IPv4
» Classes:
• Class A: 0.0.0.0 through 127.255.255.255
• Class B: 128.0.0.0 through 191.255.255.255
• Class C: 192.0.0.0 through 223.255.255.255
• Class D: 224.0.0.0 through 239.255.255.255
• Class E: 240.0.0.0 through 255.255.255.255
Copyright © www.INE.com
Subnet Mask
» Helps identify network and host portion of
network
» Default subnet masks:
• Class A: 255.0.0.0 or /8
• Class B: 255.255.0.0 or /16
• Class C: 255.255.255.0 or /24
» Typically called classful address
Copyright © www.INE.com
IPv4 Addresses:
Public, Private & Reserved
www.ine.com
IPv4 Addresses: Public & Private
» IP addresses “leased” to a corporation are
known as public IP addresses.
» IP addresses that are unregistered and may
overlap from one company to the next, are
known as private IP addresses.
Copyright © www.INE.com
Where do Public IP Addresses Come From?
Internet Assigned
Numbers Authority (IANA)
Copyright © www.INE.com
IPv4 Addresses: Public
» Public IPv4 addresses
• Globally unique
• Should be purchased
• Usually used in Internet edge
» Range of public addresses
• Beyond the RFC 1918 space, all addresses are public
Copyright © www.INE.com
IPv4 Addresses: Reserved
» Default or Unknown Address
• 0.0.0.0
» Loopback
• 127.anything
» APIPA
• 169.254.anything
Copyright © www.INE.com
IPv4 Addressing;
Configuration and Verification
www.ine.com
IP addressing – Router Configuration
» Router(config-if)# ip address <address><mask>
» Verification
• Show interface <type><number>
• Show ip interface brief
Copyright © www.INE.com
What’s my IP?
2
3
1
Copyright © www.INE.com
IPv4 Subnetting
www.ine.com
IPv4 Subnetting
» Each IP network that is purchased is only good
for a single broadcast domain (VLAN).
» Often unused/unallocated host space within a
given network.
» Subnetting = Dividing a single, allocated network
into multiple sub-networks.
» Minor loss of available hosts addresses.
Copyright © www.INE.com
IPv4 Subnetting
» Every device running IPv4 uses the same
process to determine its local network:
• Identify local IP address in binary
• Identify local subnet mask in binary
• Extract network portion of address by comparing current
address and subnet mask
» Subnet mask is referenced instead of classfull
network address
Copyright © www.INE.com
IPv4 Subnetting
» Example:
• Class C
• Network : 192.168.10.0/24
• Default subnet mask: 255.255.255.0
• Host requirement: 10
• Bits required
• 11111111.11111111.1111111.11110000
• Only 4 bits are required in the hosts field instead of default 8
bits
Copyright © www.INE.com
IPv4 Subnetting – How many hosts?
» New subnet mask
• 255.255.255.240 [11110000=240 in the last octet]
» Number of usable hosts per subnet
• 255.255.255.11110000 (bits in green are “host” bits)
• 24-2 =14 hosts per subnet
24=16
All zeroes host = subnet address
All one’s host = broadcast address
Copyright © www.INE.com
IPv4 Subnetting – How many subnets?
» New subnet mask
• 255.255.255.240 [11110000=240 in the last octet]
» Range of available subnetworks
• 255.255.255.11110000
• Four subnet bits: 24 = 16
• Original network was 192.168.10.0 /24
• Each subnet will be a multiple of 16.
192.168.10.0 /28
192.168.10.16 /28
Copyright © www.INE.com
192.168.10.32 /28
VLSM & CIDR
» Same Length Subnet Masking
• Previous example, each network utilized the same
mask.
» VLSM
• Variable length subnet masking
• Provides ability to allocate IPv4 as per the host
requirements
• Subnet mask can be variable
• Ex: /25 , /26, /27 from /24 block
Copyright © www.INE.com
VLSM & CIDR
» CIDR
• Classless Interdomain Routing
• Beyond the classful behavior
• Class A address can be treated as Class B & C or vice
versa
• Ex: 10.0.0.0/24 [/24 is prefix-length from Class C]
Copyright © www.INE.com
IPv4 Summarization
www.ine.com
IPv4 Summarization
Copyright © www.INE.com
IPv4 Summarization - Example
» Example
• Network : 10.10.16.0 /20
• Network: 10.10.48.0 /20
• Subnet mask: 255.255.240.0
» Conversion of network-id into bits
“n” = SubNet Bit
• 10.10.000nhhhh.hhhhhhhh /20
“h” = Host Bit
• 10.10.001nhhhh.hhhhhhhh /20
• AND operation result : 10.10.00hhhhhh.hhhhhhhh
Copyright © www.INE.com
10.10.0.0 /18 (summarized network)
Summarization and Supernetting
» IPv4 Summarization
• Aggregating multiple subnets into a single network
advertisement.
• That advertisement does not break classfull boundaries.
» IPv4 Supernetting
• Aggregating multiple networks (could be subnets or
classfull networks) into a single network advertisement.
• That advertisement breaks classfull boundaries.
Example: 10.0.0.0 /7 is a Supernet
Copyright © www.INE.com
IPv4 Supernetting
» Example
• Network : 192.168.1.0/24
• Network: 192.168.2.0/24
» Conversion of network-id into bits
• 192.168.00000001.hhhhhhhh
• 192.168.00000010.hhhhhhhh
• AND operation result : 192.168.000000hh.hhhhhhhh
192.168.0.0 /22 (Supernet)
Copyright © www.INE.com
IPv4 Summarization and Supernetting
www.ine.com
History of IPv6
» 1992 – an impending shortage of IPv4 address space was first
recognized.
» 1994 – IETF launches work into IPv6
» 1998 – First RFC (2460) for IPv6 written
» 2006 – RFC 4291 stabilized (address structure)
» 2008 – U.S. Federal Government mandates IPv6-compatibility
of all backbone devices of Federal Agencies
» 2015 – ARIN runs out of IPv4 addresses.
Copyright © www.INE.com
Introduction to IPv6
» 128-bit addressing system
www.ine.com
IPv4 and IPv6 Header Comparison
IPv4 Header: Version IHL
Type of
Service Total Length
Source Address
Destination Address
Options Padding
Traffic
IPv6 Header: Version Class Flow Label
Source Address
Destination Address
Copyright © www.INE.com
Introduction to IPv6
(Interface-IDs)
www.ine.com
IPv4/IPv6 “Host” bits
» IPv4 host address 20.20.20.3 /24
Copyright © www.INE.com
Introduction to IPv6
(Address Types)
www.ine.com
Types of IPv6 Addresses
» Link-local addresses
• Assigned automatically as an IPv6 host comes online
• Similar to the 169.254.x.x address of IPv4
• Always begin with “FE80::/10”
• Last 64 bits is the 48-bit MAC address with “FFFE”
inserted in the middle
» Global Unicast Addresses
• Have their high-level 3 bits set to 001; ex: 2000::/3
• Global routing prefix is 48 bit or less
Copyright © www.INE.com
Types of IPv6 Addresses
» Unique Local Addresses
• Not globally routable
• Similar to the private addresses of IPv4
• Always begin with “FC00::/7”
» Multicast Address
• FF00::/8
• As long as the first 8-bits take the form of 1111 1111, that’s a
multicast address.
• IPv6 nodes listen to several IPv6 Multicast Groups by default.
Copyright © www.INE.com
Types of IPv6 Addresses
» Anycast
• Two-or-more nodes using the same IPv6 address
• Used for load-balancing
• Indistinguishable from Unicast address
Copyright © www.INE.com
Introduction to IPv6
(IPv6 Neighbor Discovery)
www.ine.com
ICMPv6 and NDP
» NDP = Neighbor Discovery Protocol
Copyright © www.INE.com
Introduction to IPv6
(Solicited Node Multicast)
www.ine.com
Types of IPv6 Addresses
» Solicited Node Multicast Address
• FF02:0:0:0:0:1:FF/104
• Last 24-bits taken from interface-ID (next slide)
• Automatically provisioned like Link-Local addresses
• Used for L3-to-L2 address resolution
No more
broadcasts!!
Copyright © www.INE.com