Subnet mask OSI layers (this is a big one) know the layers, their purpose, encap
ID: 3585629 • Letter: S
Question
Subnet mask
OSI layers (this is a big one) know the layers, their purpose, encapsulation, addressing
Bandwidth vs throughput
UTP cable types and their purposes
Data link sublayers and what they do
Functions of a switch
Cut-through switching
Store-and-forward switching
IP vs. MAC addressing from device to device
NVRAM
IP addressing & default gateway
ANDing
Private address ranges
A:
B:
C:
IPv6 link local address range
Ping vs. tracert
Subnetting (big one)
# of networks, # of hosts
VLSM (concept and process)
TCP vs. UDP
Windowing (also called sliding window)
Protocols (know what they are, port#, & which layer)
Peer-to-peer operation
HTTP messages
Network packet captures
Device security commands
Logical vs physical topology
Media types
Parts of routing table and how it functions
Subnet mask
OSI layers (this is a big one) know the layers, their purpose, encapsulation, addressing
Bandwidth vs throughput
UTP cable types and their purposes
Data link sublayers and what they do
Functions of a switch
Cut-through switching
Store-and-forward switching
IP vs. MAC addressing from device to device
NVRAM
IP addressing & default gateway
ANDing
Private address ranges
A:
B:
C:
IPv6 link local address range
Ping vs. tracert
Subnetting (big one)
# of networks, # of hosts
VLSM (concept and process)
TCP vs. UDP
Windowing (also called sliding window)
Protocols (know what they are, port#, & which layer)
Peer-to-peer operation
HTTP messages
Network packet captures
Device security commands
Logical vs physical topology
Media types
Parts of routing table and how it functions
Explanation / Answer
Answer:
Subnet mask:
A subnet mask is a 32-bit number used to differentiate the network component of an IP address by dividing the IP address into a network address and host address. It does so with bit arithmetic whereby a network address is bit multiplied by the subnet mask reveal the underlying subnetwork. Like the IP address, a subnet mask is written using the "dotted-decimal" notation.
A subnet mask is also known as an address mask.
OSI layers:
In the OSI model, control is passed from one layer to the next, starting at the application layer in one station, and proceeding to the bottom layer, over the channel to the next station and back up the hierarchy. The OSI model takes the task of inter-networking and divides that up into what is referred to as a vertical stack that consists of the following 7 layers.
Physical (Layer 1)
OSI Model, Layer 1 conveys the bit stream - electrical impulse, light or radio signal — through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards and physical aspects. Fast Ethernet, RS232, and ATM are protocols with physical layer components.
Data Link (Layer 2)
At OSI Model, Layer 2, data packets are encoded and decoded into bits. It furnishes transmission protocolknowledge and management and handles errors in the physical layer, flow control and frame synchronization. The data link layer is divided into two sub layers: The Media Access Control (MAC) layer and the Logical Link Control(LLC) layer. The MAC sub layer controls how a computer on the network gains access to the data and permission to transmit it. The LLC layer controls frame synchronization, flow control and error checking.
Network (Layer 3)
Layer 3 provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.
Transport (Layer 4)
OSI Model, Layer 4, provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer.
Session (Layer 5)
This layer establishes, manages and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination.
Presentation (Layer 6)
This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is sometimes called the syntax layer.
Application (Layer 7)
OSI Model, Layer 7, supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.
Data Link Sublayers:
The data link layer is divided into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC). The LLC sublayer manages communications between devices over a single link of a network. This sublayer supports fields in link-layer frames that enable multiple higher-layer protocols to share a single physical link.
The MAC sublayer governs protocol access to the physical network medium. Through the MAC addresses that are typically assigned to all ports on a router, multiple devices on the same physical link can uniquely identify one another at the data link layer. MAC addresses are used in addition to the network addresses that are typically configured manually on ports within a network.
Functions of a switch:
Functions
The basic function that any switch is supposed to perform is to receive information from any source connected to it and dispatch that information to the appropriate destination only. This thing differentiates switches from hubs. Hub gets the information and forwards that to every other device in the network. This is the reason why switches are called intelligent devices.
The network switch has become a crucial part of present local area networks (LANs). LANs with medium to large sizes are established using a number of inter-linked network switches. SOHO (Small Office/Home office) networks generally consist of a single switch, or sometimes a multi-purpose device like a residential gateway to utilize small office/home broadband services such as Digital subscriber line (DSL) and cable Internet. Nowadays, we have been using router-like components which interface to the particular physical broadband technology. We may see some people using telephone technology on internet using Voice over IP (VoIP).
As mentioned above, a switch is operated at the data link layer to develop a distinct collision domain for each port of the switch. Let us consider, there are four computers - A, B, C, and D connected to four ports of the switch, then any pair , say A and B, may transfer data in either directions, at the same time, the other pair, C and D, can exchange their information simultaneously, and these two communications will not interrupt each other. Using full duplex mode, pairs may get overlapped (A communicating with B, B with C, and so on). Whereas in hubs, all of them have to share the same bandwidth by running in half duplex mode, causing collisions, which will result in unnecessary packet retransmissions.
Cut-through switching:
cut-through switching is a method for packet switching systems, wherein theswitch starts forwarding a frame (or packet) before the whole frame has been received, normally as soon as the destination address is processed.
Store-and-forward switching:
In thestore-and-forward switching method, error checking is performed against the frame, and any frame with errors is discarded.
IP vs. MAC addressing from device to device:
IP ADDRESS : It is a 32 bit address (It is a binary address) often written in 4 groups of 3 decimals each i.e 192.168.1.2 (an example of class C IP address). This is a logical address for your device through which it communicates to the outside world. This address can be configured.
MAC ADDRESS : It is the HARDWARE address of any device. For a laptop with WiFi, there may be 2 MAC address, one for WiFi and the other for the Ethernet Port. It is a hexadecimal address. An example of a MAC address : DE-56-0A-DC-E6-88
NVRAM:
Non-volatile random-access memory (NVRAM) is random-access memory that retains its information when power is turned off (non-volatile). This is in contrast to dynamic random-access memory (DRAM) and static random-access memory (SRAM), which both maintain data only for as long as power is applied.
ANDing:
If you notice that when there is a 1 in the IP Address and it vertically matches with a 1 in the Subnet mask the ANDing result is a 1. Recall: Truth Table 1+1=1. While when there is a 1 in the IP Address and it vertically matches with a 0 in the Subnet mask vis-a-vis the ANDing result is a 0.
Private address ranges:
A:10.0.0.0 to 10.255.255.255
B:172.16.0.0 to 172.31.255.255
C:192.168.0.0 to 192.168.255.255
Ping vs. tracert:
Ping
Ping (also written as PING or ping) is a utility that you use to determine whether or not a specific IP address is accessible. Ping works by sending a packet to a specified address and waiting for a reply. Ping is used primarily to troubleshoot Internet connections and there are many freeware and shareware Ping utilities available for download.
On a Windows PC you can run Ping using a command prompt. To do this, go to the Windows Start button, choose Programs, then MSDOS Prompt. When you get the C: prompt, type ping followed by the destination server name or an IP address, for example, ping google.com
Traceroute
Traceroute is a utility that traces a packet from your computer to an Internet host, but it will show you how many hops the packet requires to reach the host and how long each hop takes. If you're visiting a Web site and pages are appearing slowly, you can use traceroute to figure out where the longest delays are occurring. Traceroute utilities work by sending packets with low time-to-live (TTL) fields. The TTL value specifies how many hops the packet is allowed before it is returned. When a packet can't reach its destination because the TTL value is too low, the last host returns the packet and identifies itself. By sending a series of packets and incrementing the TTL value with each successive packet, traceroute finds out who all the intermediary hosts are.
The original traceroute is a UNIX utility, but nearly all platforms have something similar. Windows includes a traceroute utility called tracert. On a Windows PC you can run traceroute using a command prompt To do this, go to the Windows Start button, choose Programs, then MSDOS Prompt. When you get the C: prompt, type tracert followed by the destination server name or an IP address, for example: tracert google.com
Subnetting:
Subnetting is the strategy used to partition a single physical network into more than one smaller logical sub-networks (subnets). An IP address includes a network segment and a host segment. Subnets are designed by accepting bits from the IP address's host part and using these bits to assign a number of smaller sub-networks inside the original network. Subnetting allows an organization to add sub-networks without the need to acquire a new network number via the Internet service provider (ISP). Subnetting helps to reduce the network traffic and conceals network complexity. Subnetting is essential when a single network number has to be allocated over numerous segments of a local area network (LAN).
Subnets were initially designed for solving the shortage of IP addresses over the Internet.
Each IP address consists of a subnet mask. All the class types, such as Class A, Class B and Class C include the subnet mask known as the default subnet mask. The subnet mask is intended for determining the type and number of IP addresses required for a given local network. The firewall or router is called the default gateway. The default subnet mask is as follows:
The subnetting process allows the administrator to divide a single Class A, Class B, or Class C network number into smaller portions. The subnets can be subnetted again into sub-subnets.
Dividing the network into a number of subnets provides the following benefits:
VLSM:
Variable-Length Subnet Masking (VLSM) amounts to "subnetting subnets," which means that VLSM allows network engineers to divide an IP address space into a hierarchy of subnets of different sizes, making it possible to create subnets with very different host counts without wasting large numbers of addresses.
A subnet mask defines the size of the subnet (the number of host addresses in the subnet). Fixed-Length Subnet Masking (FLSM) creates subnets all the same size. But where some subnets will have many hosts and some have few, FLSM results in some subnets having many orphaned addresses, or some sets of hosts being too big to fit into a subnet. Where VLSM is enabled, a large subnet can be divided into a set of smaller sub-subnets, which can be used to handle smaller sets of hosts.
For example, consider a traditional Class C address space like 192.168.1.0 and an organization with four groups of computers: the data center with 75 hosts; the call center with 50; the operations floor with 25; and the executive floor with 20. Under fixed subnetting, dividing the 255 host addresses available into four subnets would support only 62 hosts each, not meeting the needs of the data center and vastly oversupplying addresses for operations and the execs. Using VLSM, the space is first split in 2, with each subnet able to address 126 hosts. One subnet covers the data center. The other is split in two, supplying two sub-subnets of 62 hosts. One covers the contact center, the other is split in two once more, creating two 30-host sub-sub-subnets, to cover operations and executives.
In order to use VLSM, a network administrator must use a routing protocol that supports it, such as Routing Information Protocol v2 (RIPv2), Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System (IS-IS), Enhanced Interior Gateway Routing Protocol (EIGRP) and Border Gateway Protocol (BGP),
TCP vs. UDP:
TCP:
->Transmission Control Protocol
->It is a connection oriented protocol
->TCP is used in case of applications in which fast transmission of data is not required
->HTTP, FTP, SMTP Telnet etc
->It rearranges data packets in the order specified
->TCP header size is 20 bytes
->Data is read as a byte stream, thus no distinguishing indications are transmitted to the signal message
->It is heavier as it requires three packets to set up a socket connection, before any user data can be sent. TCP handles reliability and congestion control
->TCP controls the flow of data
UDP:
->User Datagram Protocol or Universal Datagram Protocol
->It is a connection less protocol
->UDP is preferred in case of the applications which have the priority of sending the data on time and on faster rates
->DNS, DHCP, TFTP, SNMP, RIP, VOIP etc
->No inherent ordering, the data packets of same message may be ordered differently
->Packets are sent individually and after the arrival the packets are rearranged
->UDP is lightweight due to no ordering of messages, no tracking connections, etc.
->UDP does not have an option for flow control.
windowing:
Sliding windows, a technique also known as windowing, is used by the Internet's Transmission Control Protocol (TCP) as a method of controlling the flow of packets between two computers or network hosts. ... Sliding windows is a method by which multiple packets of data can be affirmed with a single acknowledgment.
Protocols:
File Transfer Protocol (FTP)
(RFC 959)`
Secure Shell (SSH)
(RFC 4250-4256)
Telnet
(RFC 854)
Simple Mail Transfer Protocol (SMTP)
(RFC 5321)
Domain Name System (DNS)
(RFC 1034-1035)
Dynamic Host Configuration Protocol (DHCP)
(RFC 2131)
Trivial File Transfer Protocol (TFTP)
(RFC 1350)
Hypertext Transfer Protocol (HTTP)
(RFC 2616)
Post Office Protocol (POP) version 3
(RFC 1939)
Network Time Protocol (NTP)
(RFC 5905)
NetBIOS
(RFC 1001-1002)
Internet Message Access Protocol (IMAP)
(RFC 3501)
Simple Network Management Protocol (SNMP)
(RFC 1901-1908, 3411-3418)
Border Gateway Protocol (BGP)
(RFC 4271)
Lightweight Directory Access Protocol (LDAP)
(RFC 4510)
Hypertext Transfer Protocol over SSL/TLS (HTTPS)
(RFC 2818)
Lightweight Directory Access Protocol over TLS/SSL (LDAPS)
(RFC 4513)
FTP over TLS/SSL
(RFC 4217
Peer-to-peer operation:
Peer-to-peer (P2P) is a decentralized communications model in which each party has the same capabilities and either party can initiate a communication session. Unlike the client/server model, in which the client makes a service request and the server fulfills the request, the P2P network model allows each node to function as both a client and server.
P2P systems can be used to provide anonymized routing of network traffic, massive parallel computing environments, distributed storage and other functions. Most P2P programs are focused on media sharing and P2P is therefore often associated with software piracy and copyright violation.
Typically, peer-to-peer applications allow users to control many parameters of operation: how many member connections to seek or allow at one time; whose systems to connect to or avoid; what services to offer; and how many system resources to devote to the network. Some simply connect to some subset of active nodes in the network with little user control, however.
HTTP messages:
HTTP messages are how data is exchanged between a server and a client. There are two types of messages:requests sent by the client to trigger an action on the server, and responses, the answer from the server. HTTP messages are composed of textual information encoded in ASCII, and span over multiple lines.
Network packet captures:
Packet capture is a computer networking term for intercepting a data packet that is crossing or moving over a specific computer network.
Once a packet is captured, it is stored temporarily so that it can be analyzed. The packet is inspected to help diagnose and solve network problems and determine whether network security policies are being followed.
Hackers can also use packet capturing techniques to steal data that is being transmitted over a network.
File Transfer Protocol (FTP)
(RFC 959)`
20/21 FTP is one of the most commonly used file transfer protocols on the Internet and within private networks. An FTP server can easily be set up with little networking knowledge and provides the ability to easily relocate files from one system to another. FTP control is handled on TCP port 21 and its data transfer can use TCP port 20 as well as dynamic ports depending on the specific configuration.Secure Shell (SSH)
(RFC 4250-4256)
22 SSH is the primary method used to manage network devices securely at the command level. It is typically used as a secure alternative to Telnet which does not support secure connections.Telnet
(RFC 854)
23 Telnet is the primary method used to manage network devices at the command level. Unlike SSH which provides a secure connection, Telnet does not, it simply provides a basic unsecured connection. Many lower level network devices support Telnet and not SSH as it required some additional processing. Caution should be used when connecting to a device using Telnet over a public network as the login credentials will be transmitted in the clear.Simple Mail Transfer Protocol (SMTP)
(RFC 5321)
25 SMTP is used for two primary functions, it is used to transfer mail (email) from source to destination between mail servers and it is used by end users to send email to a mail system.Domain Name System (DNS)
(RFC 1034-1035)
53 The DNS is used widely on the public internet and on private networks to translate domain names into IP addresses, typically for network routing. DNS is hieratical with main root servers that contain databases that list the managers of high level Top Level Domains (TLD) (such as .com). These different TLD managers then contain information for the second level domains that are typically used by individual users (for example, cisco.com). A DNS server can also be set up within a private network to private naming services between the hosts of the internal network without being part of the global system.Dynamic Host Configuration Protocol (DHCP)
(RFC 2131)
67/68 DHCP is used on networks that do not use static IP address assignment (almost all of them). A DHCP server can be set up by an administrator or engineer with a poll of addresses that are available for assignment. When a client device is turned on it can request an IP address from the local DHCP server, if there is an available address in the pool it can be assigned to the device. This assignment is not permanent and expires at a configurable interval; if an address renewal is not requested and the lease expires the address will be put back into the poll for assignment.Trivial File Transfer Protocol (TFTP)
(RFC 1350)
69 TFTP offers a method of file transfer without the session establishment requirements that FTP uses. Because TFTP uses UDP instead of TCP it has no way of ensuring the file has been properly transferred, the end device must be able to check the file to ensure proper transfer. TFTP is typically used by devices to upgrade software and firmware; this includes Cisco and other network vendors’ equipment.Hypertext Transfer Protocol (HTTP)
(RFC 2616)
80 HTTP is one of the most commonly used protocols on most networks. HTTP is the main protocol that is used by web browsers and is thus used by any client that uses files located on these serversPost Office Protocol (POP) version 3
(RFC 1939)
110 POP version 3 is one of the two main protocols used to retrieve mail from a server. POP was designed to be very simple by allowing a client to retrieve the complete contents of a server mailbox and then deleting the contents from the server.Network Time Protocol (NTP)
(RFC 5905)
123 One of the most overlooked protocols is NTP. NTP is used to synchronize the devices on the Internet. Even most modern operating systems support NTP as a basis for keeping an accurate clock. The use of NTP is vital on networking systems as it provides an ability to easily interrelate troubles from one device to another as the clocks are precisely accurate.NetBIOS
(RFC 1001-1002)
137/138/139 NetBIOS itself is not a protocol but is typically used in combination with IP with the NetBIOS over TCP/IP (NBT) protocol. NBT has long been the central protocol used to interconnect Microsoft Windows machines.Internet Message Access Protocol (IMAP)
(RFC 3501)
143 IMAP version3 is the second of the main protocols used to retrieve mail from a server. While POP has wider support, IMAP supports a wider array of remote mailbox operations which can be helpful to users.Simple Network Management Protocol (SNMP)
(RFC 1901-1908, 3411-3418)
161/162 SNMP is used by network administrators as a method of network management. SNMP has a number of different abilities including the ability to monitor, configure and control network devices. SNMP traps can also be configured on network devices to notify a central server when specific actions are occurring. Typically, these are configured to be used when an alerting condition is happening. In this situation, the device will send a trap to network management stating that an event has occurred and that the device should be looked at further for a source to the event.Border Gateway Protocol (BGP)
(RFC 4271)
179 BGP version 4 is widely used on the public internet and by Internet Service Providers (ISP) to maintain very large routing tables and traffic processing. BGP is one of the few protocols that have been designed to deal with the astronomically large routing tables that must exist on the public Internet.Lightweight Directory Access Protocol (LDAP)
(RFC 4510)
389 LDAP provides a mechanism of accessing and maintaining distributed directory information. LDAP is based on the ITU-T X.500 standard but has been simplified and altered to work over TCP/IP networks.Hypertext Transfer Protocol over SSL/TLS (HTTPS)
(RFC 2818)
443 HTTPS is used in conjunction with HTTP to provide the same services but doing it using a secure connection which is provided by either SSL or TLS.Lightweight Directory Access Protocol over TLS/SSL (LDAPS)
(RFC 4513)
636 Just like HTTPS, LDAPS provides the same function as LDAP but over a secure connection which is provided by either SSL or TLS.FTP over TLS/SSL
(RFC 4217
989/990 Again, just like the previous two entries, FTP over TLS/SSL uses the FTP protocol which is then secured using either SSL or TLS.