Ethernet Standards and Cable Types

The Need for and Operation of CSMA/CD

CSMA/CD stands for Carrier Sense Multiple Access with Collision Detection. It matters less today because every switch port is its own collision domain, but on older networks that still use hubs or coaxial cable, where the segment is shared, CSMA/CD is required. When a host on a shared segment wants to transmit, it first listens on the wire. If it detects a signal, it waits and listens again; if the wire is quiet, it sends the data.

Problems occur when two hosts listen at the same moment, both hear nothing, and both transmit. The signals collide and both frames are now useless. On a shared copper segment the collision shows up as an abnormal voltage level, because the two transmissions add together on the wire. Hosts running CSMA/CD detect this and send a JAM signal so that every station on the segment knows the frame was lost. Both hosts involved then start a random backoff timer before retransmitting, and once it expires they go through the listen-then-transmit process again.

Ethernet Types and Standards

10Base-T is specified by 802.3 and the T stands for twisted pair cable. The maximum length of a 10Base-T cable is 100m. Twisting pairs of wires inside the cable cuts down on the possibility of electromagnetic interference.

The first Ethernet standards were 10Base-5 and 10Base-2.

Ethernet is considered a logical bus topology.

Fast Ethernet is defined by 802.3u. Gigabit Ethernet is defined by 802.3z (fibre and short-haul copper) and 802.3ab (1000Base-T over Cat 5 UTP), and has a maximum capacity of 1000 Mbps.

The standard Ethernet cabling type is Category 5 UTP (Unshielded Twisted Pair), normally terminated with an RJ-45 connector. On a 10/100Base-T host port, pins 1 and 2 transmit and pins 3 and 6 receive; gigabit Ethernet uses all four pairs in both directions.

Crosstalk is electromagnetic interference between pairs: a signal on one pair couples into another, corrupting both. NEXT is Near End Crosstalk (measured at the same end as the transmitter) and FEXT is Far End Crosstalk (measured at the opposite end). PSNEXT is Power Sum Near End Crosstalk, the combined crosstalk from all other pairs onto one pair.

Ethernet Addressing

Ethernet addresses are MAC addresses, where MAC stands for Media Access Control. A MAC address is 48 bits long and is written in hexadecimal. The first half (24 bits) is the Organisationally Unique Identifier (OUI) assigned to the vendor; the second half is chosen by the vendor that made the NIC, so the pair is globally unique. The MAC address is usually burnt into the card. There are also broadcast and multicast MAC addresses.

The broadcast MAC address is all F's: FF-FF-FF-FF-FF-FF. Multicast MAC addresses have the least significant bit of the first octet set to 1 (the I/G bit), so the first octet is odd. IPv4 multicast in particular uses the range whose first half is always 01-00-5E; the second half carries the low 23 bits of the IPv4 group address, so it falls in the range 00-00-00 to 7F-FF-FF, and 32 different IPv4 groups map onto each MAC address.

CCNA Switching Notes

Redundant links between switches give you fault tolerance, but they also create the possibility of switching loops.

A switching loop forms when a frame is forwarded round and round between switches and never reaches a point where it is discarded; Ethernet frames have no time-to-live field, so nothing stops them.

A loop also corrupts the MAC address table: the same source MAC is learned on several ports in turn (MAC flapping), so the switch forwards frames unpredictably.

STP is enabled by default on Cisco switches.

STP determines a loop-free path for frames; all other redundant ports are placed in blocking mode.

Do not assume that the physically shortest path is the one STP considers best: STP chooses by cumulative port cost, which is based on link speed, so a two-hop gigabit path beats a one-hop 10 Mbps link.

Always lock up your switches!

By default, switch ports are enabled (no shutdown), so an unused port is a live connection for anyone who plugs in.

By default, switch ports run DTP and will negotiate a trunk with any neighbour that asks (dynamic desirable on older platforms, dynamic auto on newer ones). A device that sends DTP frames can therefore become a trunk and receive every VLAN, which is why access ports should be hard-coded with switchport mode access and switchport nonegotiate.

All ports are in VLAN 1 by default, and attackers know that too.

The first thing a switch does when it receives a frame is look at the source MAC address and add it to the MAC address table, keyed to the port it arrived on.

Port security only allows a "secure" source MAC address to use the port.

To enable port security, use "switchport port-security" on the interface. The defaults are a maximum of one secure MAC address and the shutdown violation mode.

Port security cannot be configured on a port whose switchport mode is dynamic (still negotiating via DTP); set the port to static access (or a static trunk) first.

In shutdown mode, the port is placed into the err-disabled state as soon as a frame from a non-secure MAC address is seen; a log message is generated, the violation counter increments and all traffic on the port stops. Restrict mode drops the violating frames, increments the violation counter and logs the event, but leaves the port up. Protect mode simply drops the violating frames, with no log message and no counter.

If you configure port security with sticky MAC addresses, the first source MAC addresses learned (up to the configured maximum) are treated as secure on that port and written into the running configuration, so they survive a link flap; save the configuration if they should also survive a reload.
Err-disabled ports have their link LED go dark, and they must be recovered manually with shutdown followed by no shutdown on the interface (or automatically via errdisable recovery, if that has been enabled).
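The three violation modes and sticky learning described above, as an added example that is not part of the original notes: a small Python model of a port-security port fed a constructed sequence of source MAC addresses. The IOS commands in the comments are the real ones; the interface name, the MAC addresses and the syslog text (modelled on the real %PORT_SECURITY-2-PSECURE_VIOLATION message) are assumptions for the example.

```python
# Added example, not from the original notes: a model of Cisco port-security
# violation handling. IOS commands in the comments are real; the interface name,
# MAC addresses and log text are constructed for the example.
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    name: str
    mode: str = "access"             # switchport mode access  (required; see __post_init__)
    maximum: int = 1                 # switchport port-security maximum 1  (the default)
    violation: str = "shutdown"      # switchport port-security violation {protect|restrict|shutdown}
    sticky: bool = True              # switchport port-security mac-address sticky
    static: set = field(default_factory=set)   # switchport port-security mac-address <mac>
    learned: set = field(default_factory=set)  # dynamically (or sticky) learned secure MACs
    err_disabled: bool = False
    violations: int = 0              # the counter shown by 'show port-security interface'
    log: list = field(default_factory=list)

    def __post_init__(self):
        # IOS refuses 'switchport port-security' on a DTP-negotiating port.
        if self.mode == "dynamic":
            raise ValueError(f"Command rejected: {self.name} is a dynamic port.")
        if self.violation not in ("protect", "restrict", "shutdown"):
            raise ValueError(f"unknown violation mode {self.violation!r}")

    def secure_macs(self) -> set:
        return self.static | self.learned

    def ingress(self, src_mac: str) -> bool:
        """Process one inbound frame; return True if it is forwarded, False if dropped."""
        src_mac = src_mac.lower()
        if self.err_disabled:
            return False                          # an err-disabled port passes nothing
        if src_mac in self.secure_macs():
            return True
        if len(self.secure_macs()) < self.maximum:
            # First source MACs seen become secure. With sticky they are also written
            # into the running config so they survive a link flap; without sticky they
            # are forgotten when the port goes down.
            self.learned.add(src_mac)
            return True
        # A non-secure source MAC while the secure table is full: a violation.
        if self.violation == "protect":
            return False                          # silently drop; no log, no counter
        self.violations += 1
        self.log.append(
            f"%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, "
            f"caused by MAC address {src_mac} on port {self.name}.")
        if self.violation == "restrict":
            return False                          # drop, but the port stays up
        self.err_disabled = True                  # shutdown mode: port goes err-disabled
        return False

    def recover(self) -> None:
        """Operator recovery of an err-disabled port: 'shutdown' then 'no shutdown'."""
        self.err_disabled = False


def run_scenario(violation_mode: str) -> dict:
    """Constructed traffic: the legitimate host sends twice, a second MAC appears,
    then the legitimate host sends again. Returns what got through and port state."""
    port = SecurePort("FastEthernet0/1", violation=violation_mode)
    frames = ["0000.0c11.1111", "0000.0c11.1111", "0000.0c22.2222", "0000.0c11.1111"]
    forwarded = [port.ingress(mac) for mac in frames]
    return {"forwarded": forwarded, "err_disabled": port.err_disabled,
            "violations": port.violations, "log_lines": len(port.log),
            "secure": sorted(port.secure_macs())}
```

The fourth frame is the one to watch: in shutdown mode the legitimate host is cut off along with the intruder until an operator intervenes, which is exactly the denial-of-service an attacker can cause by spoofing a second MAC on a shared port; restrict keeps the real host working and still tells you something happened.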

=======================Spanning Tree Protocol=======================
Always try to avoid a single point of failure.

STP is strictly concerned with switching loops and is defined by IEEE 802.1D. It prevents loops by placing ports along the most desirable paths into forwarding mode, whilst ports along less desirable paths are placed into blocking mode.

Once STP converges, every port on these paths is in either forwarding or blocking mode, leaving only one active path between any two destinations. Therefore a switching loop cannot occur.

STP is strictly a Layer 2 protocol and is used only to prevent switching loops.

If a problem arises with the active path, STP re-runs the spanning-tree algorithm to recalculate the available paths and determine the new best path. Ports along the new best path are brought out of blocking mode into forwarding mode, whilst ports along less desirable paths are placed into blocking mode. Again, there will be only one active path.

CCNA Spanning Tree Protocol Notes Brief

All ports on the root bridge are designated ports and are put in the forwarding state.
On every switch that is not the root bridge, the port with the lowest cost to the root bridge (the root port) is put in the forwarding state.

On each LAN segment, the switch with the lowest root path cost is called the designated bridge, and its port on that segment is the designated port. That port is put into the forwarding state; a port at the other end of the segment that is neither a root port nor a designated port is blocked.

The root bridge is elected on the bridge ID, which is a 2-byte priority followed by the switch's 6-byte MAC address. The lowest bridge ID wins.

By default all priorities are the same (32768), so by default the switch with the lowest MAC address becomes the root bridge. In practice that is often the oldest switch in the network, so set the priority explicitly on the switch you want as root.

The root path cost is calculated from the speed of the links that must be crossed to reach the root bridge. STP uses default port costs per link speed (the 802.1D-1998 values are 100 for 10 Mbps, 19 for 100 Mbps, 4 for 1 Gbps and 2 for 10 Gbps), and the costs of every port on the path are added together. These port costs can be overridden by an administrator.

When a new switch is introduced to the network, the algorithm runs again and the port states are recalculated to prevent a new loop.

Switches send BPDUs (Bridge Protocol Data Units) every 2 seconds, the hello time. BPDUs are not answered; if a switch stops receiving them on a port for the max-age interval (20 seconds by default), it assumes the neighbouring switch or its link is down and the spanning-tree algorithm recalculates.
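The election and path-cost rules above, as an added example that is not part of the original notes: a Python script that elects the root from bridge IDs and computes every switch's root path cost over a constructed three-switch topology. The switch names, MAC addresses and link speeds are made up for the example; the port costs are the 802.1D-1998 defaults.

```python
# Added example, not from the original notes: root bridge election and root path
# cost over a constructed three-switch topology. Switch names and MACs are made up.
import heapq

# IEEE 802.1D-1998 default port costs by link speed in Mbps (used by classic STP/PVST+).
DEFAULT_PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority: int, mac: str) -> tuple:
    """Bridge ID = 16-bit priority followed by the 48-bit MAC; compared as one number."""
    return (priority, int(mac.replace(".", "").replace(":", "").replace("-", ""), 16))


def elect_root(switches: dict) -> str:
    """switches: name -> (priority, mac). The lowest bridge ID wins, so equal priorities
    fall through to the lowest MAC address."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))


def root_path_costs(links: list, root: str) -> dict:
    """links: (switch_a, switch_b, speed_mbps). Root path cost is the sum of the port
    costs on the path to the root (Dijkstra over port costs), not the hop count."""
    adj = {}
    for a, b, speed in links:
        cost = DEFAULT_PORT_COST[speed]
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    best = {root: 0}
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best[node]:
            continue
        for nxt, port_cost in adj.get(node, []):
            if cost + port_cost < best.get(nxt, float("inf")):
                best[nxt] = cost + port_cost
                heapq.heappush(heap, (cost + port_cost, nxt))
    return best


def demo() -> dict:
    # SW3 has a direct 10 Mbps link to SW1 and a two-hop gigabit path via SW2.
    switches = {"SW1": (32768, "0000.0c11.1111"),
                "SW2": (32768, "0000.0c22.2222"),
                "SW3": (32768, "0000.0c33.3333")}
    links = [("SW1", "SW3", 10), ("SW1", "SW2", 1000), ("SW2", "SW3", 1000)]
    root = elect_root(switches)
    costs = root_path_costs(links, root)
    # Same topology after 'spanning-tree vlan 1 priority 4096' on SW3: it now wins the
    # election outright. The same rule is what lets any device that sends BPDUs with a
    # lower priority take over as root, which is why BPDU Guard exists on access ports.
    switches["SW3"] = (4096, "0000.0c33.3333")
    return {"root": root, "costs": costs, "root_after_priority_change": elect_root(switches)}
```

In the constructed topology SW1 wins the election only because it has the lowest MAC, and SW3's root path cost is 8 via SW2 rather than 100 over the direct link, which is the point made earlier about the physically shortest path not being the one STP prefers.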

The STP port states are:
Blocking – does not forward frames and does not learn MAC addresses, but still receives BPDUs from other switches.
Listening – the first transition state towards forwarding. Unlike blocking, a listening port sends BPDUs as well as receiving them; it still does not forward frames or learn MAC addresses.
Learning – the second transition state. The switch now learns source MAC addresses seen on this port and populates its MAC address table, but still does not forward frames.
Forwarding – transmits and receives frames and learns MAC addresses. This is the normal state for a port.
Disabled – the switch port is administratively down.

STP is IEEE 802.1D. A port moving from blocking to forwarding spends one forward-delay interval (15 seconds by default) in listening and another in learning, so classic STP takes 30 to 50 seconds to converge after a change.

STP works on Ethernet LANs.

Layer 2 Technologies

Layer 2 LAN Technologies

Ethernet is the most common Layer 2 LAN protocol implemented in company networks.

The DIX version (named for DEC, Intel and Xerox) specified transmission of data at 10 megabits per second (Mbps) over a shared medium. DIX was enhanced in 1982 and is now referred to as Ethernet II (version 2), which is the framing most commonly used today.

IEEE = Institute of Electrical and Electronic Engineers

IEEE began defining its own Ethernet standards in the 1980s. The first two were 802.3, which covers the physical layer and the lower part of the data link layer (the MAC sublayer), and 802.2, which covers the upper part of the data link layer (the LLC sublayer).

Ethernet is a LAN technology that functions at the Data Link layer. Ethernet uses Carrier Sense Multiple Access/Collision Detection(CSMA/CD) to send information in a shared environment.

CSMA/CD describes the actual process of how the Ethernet operates on a shared medium.

Before an Ethernet NIC puts a frame on the wire, it first senses the wire to make sure no other frame is currently being transmitted. On copper the NIC does this by examining the voltage level on the wire; on fibre, by the presence of light. The NIC must go through this sensing process because Ethernet supports multiple access: another NIC might already have a frame on the wire.

If two or more devices sense the wire at the same moment, see no frame, and each put a frame on the wire, a collision occurs. The voltage levels on copper, or the light on fibre, are distorted and the two original frames become unintelligible. While a NIC is sending, it keeps watching the wire to see whether its own signal has been corrupted: this is the collision detection part of CSMA/CD.

If the NICs see a collision, they have to resend the frames. Each NIC that was transmitting first sends a special jam signal on the wire so that every station discards the corrupted frame. It then waits a small random period, senses the wire again and, if no frame is present, resends the original frame.

The more collisions you experience, the less throughput you will get. Normally if your collisions are less than one percent of your total traffic you are okay.
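The listen, collide, jam and back off cycle described here and in the CSMA/CD section at the top of these notes, as an added example that is not part of the original notes: a slot-based Python simulation in which every station on a shared segment has one frame ready at the same time. The 16-attempt limit and the truncated binary exponential backoff are the 802.3 rules; treating a frame as occupying one slot, the station count and the seeded random source are simplifications chosen for the example.

```python
# Added example, not from the original notes: a slot-based simulation of CSMA/CD with
# the truncated binary exponential backoff that 802.3 stations use after a collision.
# One frame per slot and the fixed seed are simplifications for the example.
import random

MAX_ATTEMPTS = 16       # after 16 collisions on one frame a station gives up (excessive collisions)
BACKOFF_CAP = 10        # the random range stops doubling after the 10th collision


def backoff_slots(attempt: int, rng) -> int:
    """After the n-th collision of a frame, wait r slot times with r uniform in [0, 2^k - 1],
    k = min(n, 10). The doubling range is what thins out repeated collisions."""
    k = min(attempt, BACKOFF_CAP)
    return rng.randrange(2 ** k)


class ScriptedRng:
    """Stand-in random source that replays fixed backoff picks, for a repeatable trace."""
    def __init__(self, picks):
        self.picks = list(picks)

    def randrange(self, n):
        return self.picks.pop(0) % n


def simulate(n_stations: int, rng=None) -> dict:
    """Every station has one frame ready at slot 0 on a shared segment (a hub or coax).
    Per slot: one transmitter means a delivered frame; two or more means a collision,
    after which every station involved sends the jam and backs off."""
    rng = rng or random.Random(1)                  # fixed seed so runs are repeatable
    ready_at = {s: 0 for s in range(n_stations)}   # slot at which each station next senses the wire
    attempts = {s: 0 for s in range(n_stations)}
    delivered, discarded, collisions, slot = [], [], 0, 0
    while ready_at:
        # Carrier sense: the medium was idle at the slot boundary, so every station
        # whose backoff has expired transmits at once.
        contenders = [s for s, t in ready_at.items() if t <= slot]
        if len(contenders) == 1:
            delivered.append((slot, contenders[0]))
            del ready_at[contenders[0]]
        elif len(contenders) > 1:
            collisions += 1                        # collision detected, jam signal sent
            for s in contenders:
                attempts[s] += 1
                if attempts[s] >= MAX_ATTEMPTS:
                    discarded.append(s)            # excessive collisions: frame dropped
                    del ready_at[s]
                else:
                    ready_at[s] = slot + 1 + backoff_slots(attempts[s], rng)
        slot += 1
    return {"slots": slot, "collisions": collisions,
            "delivered": delivered, "discarded": discarded}
```

Running simulate() with 2, 8 and 32 stations shows the throughput point in the paragraph above: the fraction of slots wasted on collisions grows with the number of stations contending, which is the cost that moving every host onto its own switch port removes.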

Because Ethernet can experience collisions, devices that share the same medium, meaning they are connected to the same physical segment, are said to belong to the same collision domain (also called a bandwidth domain, since they share the segment's capacity).

Traffic generated by one device on the collision domain can adversely affect other devices in the same domain.

Two variants of Ethernet exist: IEEE’s implementation and Ethernet II. Devices running TCP/IP typically use the Ethernet II implementation. The Ethernet II standard covers both the physical and data link layer functions.

IEEE split the data link layer into two components to simplify dealing with multiple layer 2 and layer 3 protocols. The two data link layer components are Media Access Control(MAC) and Logical Link Control(LLC).

The second version of Ethernet was developed by IEEE and is standardized in the IEEE 802.2 and 802.3 standards.

The top part of the data link layer is the LLC, and its function is performed in software. The bottom part is the MAC, and its function is performed in hardware.

The LLC performs its multiplexing by using Service Access Point(SAP) identifiers.

When a network layer protocol is encapsulated in an 802.2 frame, the protocol number of the network layer data is placed in the SAP fields. When the destination receives the frame, it examines the SAP field to determine which upper-layer network protocol should process the frame.

Optionally, LLC can provide sequencing and flow control to provide a reliable service, as TCP does at the transport layer.

One of the main differences between IEEE's and Ethernet II's implementation of Ethernet is the framing used (framing defines the format of information as it is carried across a data link layer medium).

IEEE 802.3  is responsible for defining the framing used to transmit information between two NIC’s.

Fields in the 802.3 Frame

Field                 Length (bytes)  Description
Preamble              7               Identifies the beginning of the 802.3 frame: 7 bytes of alternating 1s and 0s.
Start of Frame (SOF)  1               Indicates that the next byte starts the frame proper. The first 8 bytes together are commonly called the preamble, even though this is not quite accurate.
Destination MAC       6               The MAC address to which the frame is sent.
Source MAC            6               The MAC address of the source of the frame.
Length                2               The length of the data field that follows (the 802.2 LLC header plus payload), not counting any padding added to reach the 46-byte minimum.
Data                  Variable        The 802.2 LLC encapsulated frame, padded to at least 46 bytes.
FCS                   4               Frame Check Sequence: a CRC (cyclic redundancy check) used to verify that the frame was received without errors.

When generating the FCS value, which is basically a checksum, the NIC takes all of the fields in the 802.3 frame, except the FCS field and runs them through an algorithm that generates a 4-byte result.

Upon receipt, the destination runs the same fields through the same algorithm and compares its own 4-byte result with the value carried in the frame; a mismatch means the frame is discarded. Note that the FCS only detects accidental corruption: anyone who can alter a frame can recompute it, so it provides no protection against tampering.

IEEE 802.2(LLC) handles the top part of the data link layer. Two types of 802.2 frames are used: Service Access Point(SAP) and Subnetwork Access Protocol(SNAP). 802.2 frames are encapsulated in an 802.3 frame when being sent to a destination.

Where 802.3(Ethernet) is used as a transport to get the 802.2 frames to other devices, 802.2 is used to define which network layer protocol created the data that the 802.2 frame will include.

Here are some examples of SAP values: TCP/IP uses 0x06 (hexadecimal) and IPX uses 0xE0.

Make sure you understand the mechanics of Ethernet’s media access method: CSMA/CD. Ethernet, Fast Ethernet, and Gigabit Ethernet use CSMA/CD. All devices have equal priority when accessing and transmitting on the wire. A device must sense the wire before transmitting. If two devices transmit simultaneously, a collision occurs. When this happens, a jam signal is generated and the devices retransmit their frame after waiting a random period and sensing the wire again.

The second frame type supported by 802.2 is SNAP, which adds two fields: a 3-byte OUI and a 2-byte Type.

To indicate a SNAP frame, the DSAP and SSAP fields are both set to 0xAA, the control field is set to 0x03, and the OUI field is set to 0x000000 when the Type field carries a standard EtherType.

AppleTalk is an example of a protocol that uses an 802.2 SNAP frame.

Token Ring is specified in IEEE’s 802.5 standard, and FDDI is specified in an ANSI standard.

802.2 uses a SAP or SNAP field to differentiate between encapsulated layer 3 payloads. With a SNAP frame, the SAP fields are set to 0xAA and the type field is used to indicate the layer 3 protocol.

Ethernet II was the original Ethernet frame type. Ethernet II and 802.3 are very similar: they both use CSMA/CD to determine their operations.

Ethernet II does not have any sublayers, while IEEE 802.2/3 has two – LLC and MAC.

Ethernet II has a Type field where 802.3 has a Length field. In IEEE Ethernet the protocol type is carried instead by the 802.2 LLC header (SAP or SNAP).

NICs tell the two apart by the value in that 2-byte field: 1536 (0x0600) and above is an Ethernet II Type, and 1500 (0x05DC) and below is an 802.3 Length, because an Ethernet frame can never carry more than 1500 bytes of data.

Both versions of Ethernet can exist on the same network, and modern NICs accept both. A station that implements only one framing, however, will not correctly interpret frames of the other type and will discard them.
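The framing described in this section (the 802.3 field layout and FCS above, the 802.2 SAP/SNAP header, and the Type-versus-Length test), as an added example that is not part of the original notes: a Python script that builds one Ethernet II frame and one 802.3/SNAP frame, parses both, and checks the FCS. The MAC addresses and payloads are constructed for the example; the FCS is the standard CRC-32 over destination MAC through data, sent least-significant byte first, which is the same polynomial zlib implements.

```python
# Added example, not from the original notes: build and parse Ethernet II and
# IEEE 802.3/802.2 frames, telling them apart by the type/length field, and check
# the FCS. Addresses and payloads are constructed for the example.
import struct
import zlib

ETHERTYPE_MIN = 0x0600     # 1536 and above: Ethernet II type; 1500 (0x05DC) and below: 802.3 length
MIN_DATA = 46              # 802.3 pads the data field to 46 bytes (64-byte minimum frame)


def fcs(body: bytes) -> bytes:
    """FCS over destination MAC through data: CRC-32 with the IEEE polynomial (the same
    one zlib uses), transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_ethernet_ii(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def build_8023_snap(dst: bytes, src: bytes, oui: bytes, ethertype: int, payload: bytes) -> bytes:
    """802.3 frame carrying an 802.2 SNAP header: DSAP 0xAA, SSAP 0xAA, control 0x03,
    3-byte OUI (0x000000 for an EtherType), then the 2-byte type."""
    llc = bytes([0xAA, 0xAA, 0x03]) + oui + struct.pack("!H", ethertype)
    data = llc + payload
    length = len(data)                           # the length field counts LLC + payload, not padding
    data = data.ljust(MIN_DATA, b"\x00")
    body = dst + src + struct.pack("!H", length) + data
    return body + fcs(body)


def parse_frame(frame: bytes) -> dict:
    if len(frame) < 18:
        raise ValueError("frame too short to hold two MACs, type/length and FCS")
    body, received = frame[:-4], frame[-4:]
    out = {"dst": body[:6].hex("-"), "src": body[6:12].hex("-"), "fcs_ok": fcs(body) == received}
    type_or_length = struct.unpack("!H", body[12:14])[0]
    if type_or_length >= ETHERTYPE_MIN:
        out.update(kind="Ethernet II", ethertype=type_or_length, payload=body[14:])
        return out
    data = body[14:14 + type_or_length]          # drop the padding the length field excludes
    if len(data) < 3:
        raise ValueError("802.3 data field too short for an LLC header")
    out.update(kind="802.3", length=type_or_length, dsap=data[0], ssap=data[1], control=data[2])
    if data[0] == 0xAA and data[1] == 0xAA and data[2] == 0x03 and len(data) >= 8:
        out.update(llc="SNAP", oui=data[3:6].hex("-"),
                   ethertype=struct.unpack("!H", data[6:8])[0], payload=data[8:])
    else:
        out.update(llc="SAP", payload=data[3:])
    return out


def demo() -> dict:
    dst = bytes.fromhex("ffffffffffff")            # broadcast
    src = bytes.fromhex("001a2b3c4d5e")            # constructed source MAC
    ip_frame = build_ethernet_ii(dst, src, 0x0800, b"\x45" + bytes(45))   # 46-byte dummy IPv4 payload
    tampered = bytearray(ip_frame)
    tampered[20] ^= 0x01                           # flip one payload bit "in transit"
    atalk = build_8023_snap(dst, src, bytes(3), 0x809B, b"appletalk")      # AppleTalk over SNAP
    return {"ethernet_ii": parse_frame(ip_frame),
            "tampered_fcs_ok": parse_frame(bytes(tampered))["fcs_ok"],
            "snap": parse_frame(atalk)}
```

The tampered frame fails the FCS check, but only because the flipped bit was not followed by a recomputed FCS; a parser that trusts fcs_ok as evidence of integrity against an active attacker is mistaken, since the CRC is not keyed.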

In 1 byte(octet) there are 8 bits.

Bit positions are labelled from left to right, where the leftmost bit is the most significant and the rightmost bit is the least significant.

In decimal you have values that range from 0 to 9(10 Values).Hexadecimal has a range of 16 values, which are 0-9, A-F. As an example, a decimal 10 is equivalent to A in hexadecimal. A decimal 17 is equivalent to 11 in hexadecimal.

A MAC Address is 48 bits long and is represented as a hexadecimal number. In hex it is 12 characters in length, where each character is 4 bits.

The first six digits of a MAC Address are associated with the vendor, or maker of the NIC and are commonly called the Organizationally Unique Identifier(OUI)
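The address structure described here and in the Ethernet Addressing section earlier in these notes (OUI, vendor half, broadcast, multicast and the 01-00-5E IPv4 multicast mapping), as an added example that is not part of the original notes: a Python script that decodes the bits of a MAC address and derives the multicast MAC for an IPv4 group. All addresses in it are constructed for the example; the locally-administered (U/L) bit it reports is the one bit of a MAC address a defender should routinely look at, since virtual NICs, spoofing tools and randomised addresses commonly set it.

```python
# Added example, not from the original notes: decode the parts of a MAC address
# (OUI, vendor-assigned half, broadcast, I/G multicast bit, U/L locally-administered
# bit) and derive the 01-00-5E MAC used for an IPv4 multicast group. All addresses
# used are constructed for the example.
import ipaddress

BROADCAST = bytes([0xFF] * 6)


def parse_mac(text: str) -> bytes:
    """Accept 'aa-bb-cc-dd-ee-ff', 'aa:bb:cc:dd:ee:ff' or Cisco-style 'aabb.ccdd.eeff'."""
    digits = text.replace("-", "").replace(":", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"a MAC address is 12 hex digits (48 bits): {text!r}")
    return bytes.fromhex(digits)


def format_mac(mac: bytes) -> str:
    return "-".join(f"{b:02X}" for b in mac)


def describe_mac(text: str) -> dict:
    mac = parse_mac(text)
    first = mac[0]
    return {
        "oui": format_mac(mac[:3]),              # first 24 bits: vendor (OUI)
        "nic_specific": format_mac(mac[3:]),     # last 24 bits: assigned by that vendor
        "broadcast": mac == BROADCAST,           # all F's
        # I/G bit: least significant bit of the first octet, 1 = group (multicast or broadcast).
        "multicast": bool(first & 0x01),
        # U/L bit: the next bit up, 1 = locally administered rather than burnt in. Virtual
        # machines, spoofing tools and randomised addresses commonly set it.
        "locally_administered": bool(first & 0x02),
    }


def ipv4_multicast_mac(group: str) -> str:
    """Map an IPv4 multicast group (224.0.0.0/4) to its MAC: prefix 01-00-5E plus the low
    23 bits of the group address. The 5 bits between the 224/4 prefix and those 23 are
    lost, so 32 groups share one MAC and the second half never exceeds 7F-FF-FF."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast address")
    low23 = int(addr) & 0x7FFFFF
    return format_mac(bytes([0x01, 0x00, 0x5E]) + low23.to_bytes(3, "big"))
```

The 32-to-1 mapping is worth remembering when filtering on MAC addresses: 224.0.0.1 and 224.128.0.1 arrive with the same destination MAC, so a NIC or switch filtering at layer 2 cannot tell those groups apart.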

Cisco SMB Engineer Study Notes

The function of the internal service module on the ISR is dedicated CPU and memory to host applications and services that do not require interface ports.

The WET200 is a wireless product that includes a 5 port switch

Cisco Small Business Pro Service differs from Small Business Pro Warranty in the speed of the hardware replacement.

The primary purpose of VeraSMART is to interpret detail call records.

Three characteristics that buyers of Cisco Small Business routers look for:

-          Basic Security Options

-          Simple Network Configuration

-          Integrated Solutions

Recommend to customer that requires high-bandwidth connectivity and strong security a 520-T1 SR.

Two characteristics of a managed CSBS recommended over unmanaged switch:

a)      VLAN support    b) Web Controlled GUI

SMB router with 4 Port Fast Ethernet switch but without wireless: RVL200

Three deployment scenarios Cisco Configuration Assistant Supports:

a)      Cisco SR 500 is secure router mode, acting as a front end for UC500.

b)      Multi-Site VPN with UC500 platforms

c)       UC500 to UC Manager trunk

Two WAN interfaces the SRP 520 Series supports are Fast Ethernet and ADSL2+

The three types of VPN that can be configured by CCA: MPLS, Cisco, DMVPN

Two advantages of the SA520 UTM over typical routers:

-          VPN’s

-          URL Filtering

Clustering in an SMB wireless network replicates configured parameters across the access points in the cluster, whilst optimising the network.

WAP200E can be used to connect offices across parking lots.

Partner Development Funds available for SMB Specialized & Express Foundation Partners:

a)      PDF Pro Basic b) PDF Core

Pro service differs from Pro Warranty by providing access to the Small Business Support Community.

Pro Service price is based on the complexity of the devices – 4 price points.

Partner Education Connection houses the SMB partner training resources.

3 elements included with Small Business Pro Service:

a)      Next Business Day Advanced Hardware Replacement.

b)      Software Upgrades and Updates.

c)       Access to Small Business Support Center.

CCA Support for Multi-Site use: UC520, SR520-T1, UC540

2 types of info found at partner central:

a)      Specialisation and Certification Details    b) Sales Program Information

Difference between Catalyst 2960 LAN Base and Catalyst Lite is that only the 2960 LAN base offers enhanced Layer 2+ intelligent LAN Services.

SGE Series is recommended to customers who want to segment networks into workgroups and have a limited number of voice devices.

Primary purpose of SMB Smart Design provides validated commercial solutions.

Two types of address translation that allows an IP to be duplicated are PAT and DAT.

Three pre-sales Smart Design documents are available to help implement and install solutions:

-          Small Business Product Guide

-          Solutions Profile

-          Cisco Configuration Assistant

The companion switch recommended to be installed with the UC500 is the ESW500.

Two components unique to controller based wireless installations:

-          Cisco Wireless Control System

-          Mobility Services Engine

MAC Address uses Data Link layer to communicate

Two ways the SR520 Secure Router complements the Cisco Small Business Communications system:

-          Cisco Intrusion Prevention System

-          Stateful Packet Inspection Firewall

UTM = Unified Threat Management

Three business losses can be reduced by implementing Cisco Physical Security:

-          Vandalism

-          Slip and Trip Accidents

-          Unauthorised Building Access

The SMB Partner Practice Builder is a program to develop UC practice.

Using Smart Designs increases the typical deal size by 3x.

Two characteristics common to small business switches:

a)      Remote management   b)Do-it yourself installation and management.

Two traits inherent to QOS:

a)      Support for real time apps

b)      Reduction in delay, jitter, packet loss

SA500 Important Features:

a)      Email Security    b) business grade firewall            c) site-to-site VPN

Post Sales SMART Design Documents:

a)      Implementation Guide

b)      Application Notes

c)       Design Guide

3 WAN Technologies the SR500 Family Supports:

a)      T1           b) Fast Ethernet               c) ADSL

Cisco NAS with 2Gbps Ethernet and up to 16 FTP users: NSS4000

With TimeCard View you can use an IP Phone to clock in and out.

3 Integrated Apps with the UC500 Series:

-          TimeCard View

-          WebEx Phone Connect

-          VoiceView Express

Ports available on the Cisco SPA 8800 Voice Gateway:

-          4 Station Ports and 4 Trunk Ports (4 x FXS and 4 x FXO)

3 Components of the SMARTnet service:

a)      Support for every Cisco product

b)      Advanced replacement on the next business day

c)       Immediate support from the TAC engineers

3 Features included with the SA520

a)      DMZ      b) Business Firewall        c) VPN

32 Users on UC540 and 104 on UC560

Features unique to SPA525: Bluetooth and MP3 Music

Difference between SMB Support Center and Community is telephone support during business hours(center).

Cisco SMB Account Manager Notes

Two of the implementation ratings found in the SBR Value Assessment are growth and foundation.

Cisco SBR methodology provides an opportunity to build long term consultative relationships with customers

Cisco Catalyst Express 500 is most suitable for access area campus LANs.

Two reasons Integrated Service Routers(ISR) are well positioned for SMB are:

a)      They offer the best choice for remote access needs

b)      They are integrated with firewall capabilities

In the following areas SMBs require better products than found in retail stores:

a) wireless b) security c) voice

Cisco 521 Wireless Express Access Point can be configured to operate in either standalone mode or controller based mode

The following are bundled with the SPA9000

-          Intercom and group paging

-          Voice Mail

-          Auto Attendant

Salesforce.com and Microsoft Dynamics allow Unified Call Connect to be configured for remote connectivity

An advantage of the Cisco Small Business VPN router series is QuickVPN(QVPN) client software for client management

The primary use of a remote access VPN is to communicate securely between a remote PC and a corporate intranet.

Two benefits for prospects derived from the Cisco SBR methodology are:

-          Increased customer loyalty

-          Increases Profitability

Three features common to majority of switches in Small Business portfolio:

-          VLAN Support

-          Power over Ethernet(PoE)

-          Quality of Service(QoS)

Two features that make the ASA5510 a better solution for SMB than an ASA5505 are:

a)      Intrusion Prevention b) The number of firewall connections allowed

A useful tool to obtain solution requirements and pricing is the quote builder

Most SMB decision makers:

-          Are generally well educated on what Unified Communications(UC) offers

-          Have a tendency to support current telephony vendors

The support service sold, supported and delivered by partners is the Cisco Smart Care Service

Three products that reside on the UC500:

a)      Cisco IOS Firewall b) UC Manager Express c) Unity Express

Two benefits of Unified Call Connector:

-          Screen Pops for incoming calls

-          Status of Co-Workers before placing call

Scalability, Effectiveness, High Availability, Mobility

Primary partner benefits of selling services: increased margins

CMD provides network management at a Cisco Partner location

CCA provides device discovery and call routing configuration

UC520 provides WLAN connectivity to mobile clients for both data and voice

Three characteristics of ProtectLink Gateway Product:

-          Provides web server content filtering

-          Provides content filtering for email

-          Protects from spyware and phishing attacks

Three phases of the Smart Business Road Map:

a)      Optimised           b)  Growth          c) Foundation

Three attributes sought in target customers for Smart Foundation Services:

-          50 or fewer network devices

-          Fewer than 250 users

-          Network is not mission critical

Integrated messaging forwards voice mail to your email as .wav files

Small Business products have minimal technical complexity

When selling a security solution to e-commerce, needs you should address are:

a)      Scalability            b) Secure Transactions c) Maximum Uptime

The OSI Reference Model

CCNA Study Notes – Chapter 2

The OSI Reference Model separates the network communications process into seven simple layers. It thus:

-          Defines the process for connecting two layers together, promoting interoperability between vendors.

-          Separates a complex function into simpler components.

-          Allows vendors to compartmentalize their design efforts to fit a modular design, which eases implementations and simplifies troubleshooting.

-          Provides a teaching tool to help network administrators understand the communications process used between networking components.

The seven layers are: application, presentation, session, transport, network , data link, physical.

The transport, network, data link, and physical layers are responsible for moving data back and forth on behalf of the three upper layers.

Layer 7 – Application Layer

The application layer provides the interface that a person uses to interact with applications, or in this instance, a particular application. The interface can be graphical or command-line based. For example, the Cisco Internetwork Operating System (IOS) uses a CLI, whereas Security Device Manager (SDM) uses a GUI.

There are many examples of application layer programs. The most common are telnet and Secure Shell(SSH), FTP, Web Browsers and Email.

The application layer provides a means for the applications to realise that a network is there and to take advantage of it. In other words, the application layer encompasses the protocols and services that the applications will employ to access network resources.

Layer 6 – Presentation Layer

The presentation layer is responsible for defining how information is represented so that both ends interpret it the same way. For example, text is represented in primarily two different forms: ASCII and EBCDIC.

The presentation layer can also provide encryption to secure data from the application layer; however, this is not common with today's methods of security, since encryption at this layer is performed in software and is expensive in CPU cycles.

The presentation layer determines how data is transmitted and represented to the user. Examples of presentation layer protocols and standards include ASCII, BMP, GIF, JPEG, WAV, AVI, and MPEG.

Layer 5 – Session Layer

The session layer is responsible for initiating the setup and teardown of connections. It must determine whether data stays local to a computer or must be obtained from, or sent to, a remote networking component.

The session layer is also responsible for differentiating among multiple network connections, ensuring that data is sent across the correct connection as well as taking data from a connection and forwarding it to the correct local application.

To set up or tear down connections, the session layer communicates with the transport layer. Remote Procedure Calls (RPCs) are an example of a TCP/IP session protocol; the Network File System (NFS), which uses RPCs, is another example of a protocol at this layer. The session layer is also responsible for error reporting of any issues at the application, presentation, and session layers and for implementing any type of class of service (CoS).

The session layer is responsible for setting up, maintaining, and tearing down network connections, Examples include RPCs and NFS.

Layer 4 – Transport Layer

The transport layer is responsible for the actual mechanics of setting up, maintaining, and tearing down a connection, where it can provide both reliable and unreliable delivery of data. With reliable connections, the transport layer is responsible for error detection and correction: when an error is detected, the transport layer will resend the data, thus providing the correction.

The session layer deals with timeout issues, notifications, hello packets to determine connection issues, and so on; the transport layer entails the actual delivery mechanisms of moving information(at the transport layer) between network components.

The transport layer has five main functions:

-          It sets up, maintains and tears down a session connection between two components.

-          It can provide for the reliable or unreliable delivery of data across this connection.

-          It segments data into smaller, more manageable sizes.

-          It multiplexes connections, allowing multiple applications to send and receive data simultaneously on the same networking device.

-          It can implement flow control through ready/not ready signals or windowing to ensure one component doesn’t overflow another one with too much data on a connection. Both of these methods typically use buffering and are used to avoid congestion.

Therefore the five main purposes of the transport layer are: connection management, reliable and unreliable delivery of data, flow control, multiplexing, and segmentation.

When implementing a reliable connection, sequence numbers and acknowledgements (ACKs) are commonly used.

Some reliable connection protocols also go through a handshake process when initially building a connection. This handshake determines whether the two networking devices can build the connection and negotiates the parameters that will be used to provide a reliable connection. With TCP this is called the three-way handshake.

In TCP/IP, a domain name service(DNS) query is a good example of when using a connection orientated protocol doesn’t make sense.

The information transferred between networking devices at the transport layer is called a segment. Segmentation is necessary to break up large amounts of data into more manageable sizes that the network can accommodate.

Connection multiplexing is needed to differentiate between data traversing the various connections.

TCP/IP uses a 16-bit field for the port number.

The transport layer can use two basic flow control methods:

-          Ready/Not Ready Signals

-          Windowing

With R/NR, when the destination receives more traffic than it can handle, it sends a not ready signal telling the source to stop transmitting. Once the destination catches up, it sends a ready signal, and the source starts sending data again.

Two problems are associated with R/NR. Firstly, the destination sends the not ready signal once its buffer has filled up, but while that signal is on its way, the source is still sending data, and the destination will probably have to drop those packets because its buffer is full.

The second problem with R/NR is that once the destination is ready to receive more data, it needs to send a ready signal to the source, which must receive it before more information can be sent. This can cause delays. Because of the aforementioned inefficiencies, R/NR is not commonly used.

Windowing is much more common than R/NR.

In windowing, a window size is defined that specifies how much data (commonly called segments at the transport layer) can be sent before the source has to wait for an acknowledgement (ACK). Once the ACK is received, the source can send the next batch.

Windowing accomplishes two things: Firstly, flow control is enforced based on the window size. In most cases the window size is dynamically negotiated up front and constantly renegotiated during the lifetime of the connection. Secondly, throughout the windowing process, the destination tells the source what was received, and this can be good error correction.

Most connection –oriented transport protocols, such as TCP use windowing to implement flow control.

The larger the window size, the more efficient the transfer of information becomes.

What can make this more complicated however  is that the window sizes on the source and destination devices can be different.
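The following simulation is an added example and is not part of the original notes. It models the windowing process just described: the receiver advertises how many segments it can buffer, the source sends at most that many before waiting for a cumulative ACK, and a segment that is lost in transit is detected from the ACK and resent. The link, the segment contents and the set of dropped segment numbers are all constructed in-process; nothing here is a real TCP implementation.

```python
"""Sliding-window flow control simulation (added example, not from the notes).

The receiver advertises a window (how many segments it can buffer). The
source may have at most that many unacknowledged segments in flight, then
must stop until an ACK arrives. ACKs are cumulative (they carry the next
expected segment number), so a dropped segment shows up as an ACK that does
not advance, and the source resends from that point.
"""


class Receiver:
    def __init__(self, window):
        self.window = window      # advertised window, in segments
        self.expected = 0         # next in-order segment number wanted
        self.delivered = []       # payloads handed up to the application

    def receive(self, seq, payload):
        """Accept an in-order segment; return the cumulative ACK (next expected)."""
        if seq == self.expected:
            self.delivered.append(payload)
            self.expected += 1
        # Out-of-order or duplicate segments are discarded in this simple model;
        # the unchanged ACK tells the source where to resume.
        return self.expected


def transfer(segments, window, loss=frozenset(), max_rounds=1000):
    """Send `segments` to a receiver advertising `window`.

    `loss` is a constructed set of segment numbers dropped the first time they
    are sent. Returns (delivered payloads, send/ACK rounds, segments put on the wire).
    """
    rx = Receiver(window)
    lost = set(loss)
    base = 0          # first unacknowledged segment
    rounds = 0
    sent = 0
    while base < len(segments) and rounds < max_rounds:
        rounds += 1
        ack = base
        # Send a full window (or whatever remains), then wait for the ACK.
        for seq in range(base, min(base + rx.window, len(segments))):
            sent += 1
            if seq in lost:
                lost.discard(seq)         # dropped once; retransmission gets through
                continue
            ack = rx.receive(seq, segments[seq])
        base = ack                        # slide the window to the cumulative ACK
    return rx.delivered, rounds, sent


if __name__ == "__main__":
    data = [f"seg{i}".encode() for i in range(8)]
    for w in (1, 4):
        delivered, rounds, sent = transfer(data, window=w)
        print(f"window={w}: {rounds} rounds, {sent} segments sent, {len(delivered)} delivered")
    delivered, rounds, sent = transfer(data, window=4, loss={2})
    print(f"window=4 with segment 2 lost: {rounds} rounds, {sent} sent, {len(delivered)} delivered")
```

Running it shows the efficiency point from the notes directly: eight segments take eight round trips with a window of one but only two with a window of four, and a single loss costs one extra round plus the resend of everything after the gap.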

Layer 3 – Network Layer

The network layer provides quite a few functions. First, it provides for a logical topology of your network using logical, or layer 3, addresses. These addresses have two components: a network and a host component.

Layer 3 addresses allow devices that are on the same or different layer 2 medium or protocol to communicate with each other.

The network layer is responsible for three main functions:

-          Defines logical addresses used at layer 3.

-          Finds path, based on the network numbers of logical addresses, to reach destination components.

-          Connects different data link layer types together, such as Ethernet, Fiber Distributed Data Interface(FDDI), Serial, and Token Ring.

The network layer provides a logical topology, defines layer 3 addresses, and finds the best paths to logical address destinations. Routers function at the network layer and are responsible for packet switching and selecting paths for destinations. Layer 3 protocols include IP(from the TCP/IP suite), IPX, and AppleTalk.

Each Layer 3 protocol has its own method of logical addressing. Correct assignment of each of these addresses on devices across your network allows you to build a hierarchical design that can scale to very large sizes.

All layer 3 addressing schemes have two components: network and host(or node). Each segment in a network, whether physical or logical, needs a unique network number.

MAC addresses, however, do not need to be unique between two different broadcast domains.

TCP/IP IPv4 addresses are 32 bits in length. To make these more readable, they are broken into 4 bytes(octets), each written in decimal and separated by a period. This is called dotted decimal notation.

A subnet mask determines the boundary between the network and host components of an address.

IPX addresses are 80 bits in length: the first 32 bits are always the network number, and the last 48 bits are always the host address(usually the node's MAC address). IPX addresses are represented in hexadecimal.

Routers are devices which function at the network layer; they use logical network numbers to make forwarding decisions – how to get packets to their destinations. Routers build routing tables which contain routing information.

A router can use metrics to make routing decisions(where to send the packet for further forwarding). Many different types of metrics are used, such as bandwidth, delay, and hop count(etc).

Routing Information Protocol(RIP) uses hop count as its metric, whilst EIGRP can use bandwidth, delay, reliability, load, and frame size(Maximum Transmission Unit or MTU). By default EIGRP's metric calculation uses only bandwidth and delay.
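The following is an added example, not part of the original notes, showing the two ideas above in code: how a subnet mask splits a dotted-decimal IPv4 address into its network and host components, and how a router uses the network component to pick a route. The routing table, next-hop addresses and interface names are constructed for illustration; the lookup rule (most specific matching prefix wins, default route last) is how real routers behave.

```python
"""IPv4 network/host split and longest-prefix routing lookup (added example, not from the notes)."""
import ipaddress


def split_address(addr, mask):
    """Return (network, host) parts of a dotted-decimal IPv4 address under a dotted-decimal mask."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    network = ipaddress.IPv4Address(a & m)                    # bits where mask is 1
    host = ipaddress.IPv4Address(a & (~m & 0xFFFFFFFF))       # bits where mask is 0
    return str(network), str(host)


def same_network(addr1, addr2, mask):
    """Two hosts can reach each other without a router only if their network parts match."""
    return split_address(addr1, mask)[0] == split_address(addr2, mask)[0]


# Constructed routing table: (prefix, next hop or None if directly connected, interface).
# Interface names and addresses are made up for the example.
ROUTES = [
    ("0.0.0.0/0", "203.0.113.1", "Serial0/0"),   # default route: matches everything, least specific
    ("10.0.0.0/8", "10.255.0.1", "Gi0/1"),
    ("10.1.0.0/16", "10.1.255.1", "Gi0/2"),
    ("10.1.5.0/24", None, "Gi0/3"),              # directly connected network
    ("192.168.1.0/24", None, "Gi0/0"),
]


def lookup(destination, routes=ROUTES):
    """Return the most specific (longest prefix) route covering destination, or None."""
    dst = ipaddress.IPv4Address(destination)
    best = None
    for prefix, next_hop, iface in routes:
        net = ipaddress.IPv4Network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    if best is None:
        return None
    net, next_hop, iface = best
    return {"prefix": str(net), "next_hop": next_hop, "interface": iface}


if __name__ == "__main__":
    print(split_address("192.168.1.77", "255.255.255.0"))   # ('192.168.1.0', '0.0.0.77')
    for dest in ("10.1.5.9", "10.1.7.1", "10.9.9.9", "8.8.8.8"):
        print(dest, "->", lookup(dest))
```

A destination of 10.1.5.9 matches three of the 10.x prefixes, and the /24 wins because it is the most specific; 10.1.7.1 falls through to the /16, 10.9.9.9 to the /8, and anything else to the default route.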

Advantages of routers over data link layer devices such as switches and bridges:

-          Logical addressing at layer 3 allows you to build hierarchical networks that scale to very large sizes.

-          Routers contain broadcasts and multicasts. When a broadcast or multicast is received on an interface, it is not forwarded to another interface, by default. Routers can therefore be used to solve broadcast problems, because each router interface is its own broadcast domain. Bridges and switches are a cheaper way to separate collision domains, but they still forward broadcasts.

-          Routers are better at connecting different layer 2 technologies together, such as Ethernet and Token Ring or FDDI and Serial, without any conversion issues.

-          Routers can route packets between VLANs arriving on a single physical interface, using one subinterface per VLAN.

-          Routers have advanced features that allow you to implement quality of service using queuing or traffic shaping, filter traffic using access control lists(ACLs), or protect traffic using encryption.

Layer 2 devices such as bridges and switches do not support hierarchical addressing – layer 2 MAC addresses form a flat addressing space. Another issue with layer 2 devices is that they don't work very well when connecting differing layer 2 technologies or protocols – Ethernet and Token Ring, for instance. At layer 2 this process is called translation bridging. Layer 2 devices have trouble translating between technologies for several reasons, including different frame formats, bit orderings and maximum frame sizes.

Ethernet carries a payload of up to 1500 bytes per frame(1518 bytes including the header and FCS), whilst Token Ring supports frames of up to about 16KB, so a large Token Ring frame cannot simply be re-framed onto Ethernet.

Each interface of a router is a separate broadcast and collision domain.

Common tools to troubleshoot layer 3 problems include ping, traceroute, and Address Resolution Protocol(ARP).

Layer 2 – Data Link Layer

The data link layer provides for physical, that is hardware, addresses. Hardware addresses are commonly called Media Access Control(MAC) addresses.

The data link layer also defines how a networking component accesses the media to which it is connected and defines the media's frame type and transmission method.

To traverse layer 2 protocols, Ethernet to Token Ring for instance, a router is typically used.

The data link layer is also responsible for taking bits from the physical layer and reassembling them into the original data link layer frame. The data link layer performs error detection, not correction: it discards bad frames and leaves any retransmission to the upper layers.

Data Link protocols and standards for LANs:

-          Institute of Electrical and Electronic Engineers(IEEE) 802.2, 802.3, and 802.5

-          Ethernet II

-          ANSI’s FDDI

Data Link protocols and standards for WANs:

-          Asynchronous Transfer Mode(ATM)

-          Frame Relay

-          High-Level Data Link Control(HDLC)

-          Point-to-Point Protocol

-          Synchronous Data Link Control(SDLC)

-          Serial Line Internet Protocol(SLIP)

The data link layer defines hardware(MAC) addresses as well as the communication process that occurs within a media type. Switches and Bridges function at the data link layer. Error detection occurs here, but not correction(no retransmission, only dropping bad frames).

The data link layer is responsible for the following:

-          Defining the MAC or hardware address.

-          Defining the physical or hardware topology for connections.

-          Defining how the network layer protocol is encapsulated in the data link layer frame.

-          Providing both connectionless and connection oriented services.

In environments that use IBM's Systems Network Architecture(SNA), the data link protocol can provide sequencing and flow control to ensure the delivery of data link frames. SNA was developed by IBM for its mainframe and terminal networks, and on LANs it ran predominantly over Token Ring.

Each machine on the same network or topology needs a unique data link address. Not every data link protocol uses MAC addresses for this: Frame Relay, for instance, identifies virtual circuits with Data Link Connection Identifiers(DLCIs).

The first six hex digits of a MAC(the first three octets, 24 bits) identify the vendor or maker; this part is the Organizationally Unique Identifier(OUI).

A logical segment can be a VLAN and can be referred to as a broadcast domain. It is important that within a logical or physical segment, all devices have a unique MAC. You can have the same MAC address in different broadcast domains without issues.

Address Type   Description
Unicast        Represents a single device on a segment
Broadcast      Represents every device on a segment
Multicast      Represents a group of devices on a segment

Each data link layer frame contains two MAC addresses: a source MAC address of the machine creating the frame and a destination MAC address for the intended receiver(s). A source MAC address is always a unicast address – only one device can create a given frame.

A frame with a destination unicast MAC address is intended for only one network component on a segment. A multicast address represents a group of devices on a segment, and the membership of that group is dynamic. A broadcast is a data link layer frame that is intended for every device on the segment. For MAC broadcasts, all of the bit positions in the address are set, so the address is FF:FF:FF:FF:FF:FF.

Broadcasts are more efficient than unicasts when you want to send data to every device, and they can be used to discover the unicast address of a device. In TCP/IP the Address Resolution Protocol(ARP) uses this process to discover another device's MAC address from its IP address.
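The following is an added example, not code from the original notes, showing how the address types in the table above are actually encoded. Besides the all-ones broadcast address, two bits of the first octet carry meaning: the least significant bit(the I/G bit) is set for group addresses, which is how a device distinguishes multicast from unicast, and the next bit(the U/L bit) is set when an address is locally administered rather than taken from a vendor OUI. The sample addresses are constructed.

```python
"""MAC address parsing, OUI extraction and address-type classification (added example, not from the notes)."""
import re


def parse_mac(text):
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or Cisco-style aabb.ccdd.eeff; return 6 bytes."""
    hexdigits = re.sub(r"[:.\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", hexdigits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(hexdigits)


def oui(mac):
    """Organizationally Unique Identifier: the first three octets, formatted XX:XX:XX."""
    return ":".join(f"{b:02X}" for b in parse_mac(mac)[:3])


def classify(mac):
    """Return 'broadcast', 'multicast' or 'unicast' from the address bits alone."""
    b = parse_mac(mac)
    if b == b"\xff" * 6:
        return "broadcast"          # all 48 bits set
    if b[0] & 0x01:
        return "multicast"          # I/G bit set: a group address
    return "unicast"


def is_locally_administered(mac):
    """U/L bit (bit 1 of the first octet): 1 = locally assigned, 0 = vendor-assigned OUI."""
    return bool(parse_mac(mac)[0] & 0x02)


def valid_source(mac):
    """A frame's source address must be unicast: only one device creates a frame."""
    return classify(mac) == "unicast"


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("00:1A:2B:3C:4D:5E", "01:00:5E:00:00:01", "33:33:00:00:00:01",
                   "FF:FF:FF:FF:FF:FF", "02:00:00:00:00:01"):
        print(f"{sample}  OUI={oui(sample)}  {classify(sample):9}  "
              f"locally administered={is_locally_administered(sample)}  "
              f"usable as source={valid_source(sample)}")
```

The `valid_source` check is the kind of sanity test a switch or a capture-analysis script applies: a frame whose source address has the I/G bit set is malformed or forged, since no legitimate host transmits from a group address.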

Layer 1 – Physical Layer

The physical layer is responsible for the physical mechanics of a network connection, including:

-          The type of interface used on the networking device

-          The type of cable used for connecting devices

-          The connectors used on each end of the cable

-          The pin patterns used for each of the connections on the cable

-          The encoding of a message on a signal by converting binary digits to a physical representation based on the media type, such as electrical for copper, light for fiber or a radio wave for wireless.

The physical layer is also responsible for how binary data is converted into a physical signal and vice versa.

Data Communication Equipment(DCE) terminates a physical WAN connection, provides clocking and synchronisation of the connection between two locations, and connects to Data Terminal Equipment(DTE). The DCE category includes equipment such as CSU/DSUs, NT1s and modems. A DTE is an end user device, such as a router or PC, that connects to the WAN via a DCE. In some cases the function of the DCE may be built into the DTE.

Normally the terms DCE and DTE describe the roles of the two ends of a serial connection rather than specific products: the DCE side supplies the clock and the DTE side follows it.

Hubs and Repeaters operate at Layer 1.

Examples of physical layer standards include the following cable types:

-          Category 3, 5 and 5E

-          EIA/TIA 232, 449 and 530

-          Multimode and Singlemode Fiber(MMF and SMF)

Encapsulation and De-Encapsulation

As data is passed from higher to lower layers, each layer adds information to the original data – typically a header and possibly a trailer. This is called encapsulation.

Strictly, only the data link layer adds both a header and a trailer, which is where the term encapsulation fits best; upper layer protocols add a header, and only a few add a trailer. Both cases are referred to as encapsulating upper layer information and data.

The term Protocol Data Unit(PDU) is used to describe data and its overhead.

For TCP and UDP in the TCP/IP protocol stack, the transport layer adds a header but no trailer.

Once the physical layer is reached, the bits of the data link layer frame are converted into a physical layer signal – a voltage or light source or radio wave, or other source according to the physical medium which is in use.

When the destination receives the information, it goes through a reverse process of de-encapsulating information – basically stripping off the headers and trailers of the PDU.

The transport layer passes the segment down to the network layer, which encapsulates the segment into a packet. The packet adds only a header, which contains layer 3 logical addressing information(source and destination address). In the TCP/IP protocol stack, the terms packet and datagram are used interchangeably to describe a PDU.

Many protocols are within the TCP/IP protocol stack – ARP, IP, TCP, UDP, ICMP, OSPF, EIGRP, BGP, etc.

The data link layer encapsulates the packet into a frame by adding both a header and a trailer.

The important fields in the Ethernet frame header are the source and destination MAC addresses(and the type field identifying the layer 3 protocol carried); the trailer carries a Frame Check Sequence(FCS), a CRC-32 value, so that the destination can verify the integrity of the frame.

The physical layer converts the bits into a physical property based on the cable or connection type.
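The following is an added example, not part of the original notes, that carries the encapsulation step above through in code for Ethernet II: an upper-layer payload is wrapped in a 14-byte header(destination MAC, source MAC, EtherType), padded to the 46-byte minimum, and followed by the 4-byte FCS. The receiving side recomputes the CRC and discards the frame on mismatch, which is the "detection but not correction" behaviour described under the data link layer. The MAC addresses and payload are constructed; the frame layout and CRC-32 FCS are Ethernet's own.

```python
"""Ethernet II encapsulation, de-encapsulation and FCS check (added example, not from the notes)."""
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
HEADER_LEN = 14        # 6 dst + 6 src + 2 type
MIN_PAYLOAD = 46       # short payloads are padded to this
MAX_PAYLOAD = 1500     # the Ethernet MTU
FCS_LEN = 4


def _mac(text):
    """Six-octet MAC from aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff."""
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def fcs(data):
    """Frame Check Sequence: CRC-32 over header + payload, transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def encapsulate(dst_mac, src_mac, ethertype, payload):
    """Return the bytes put on the wire: header + padded payload + FCS."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError(f"payload of {len(payload)} bytes exceeds the Ethernet MTU of {MAX_PAYLOAD}")
    padded = payload + b"\x00" * max(0, MIN_PAYLOAD - len(payload))
    header = _mac(dst_mac) + _mac(src_mac) + struct.pack("!H", ethertype)
    body = header + padded
    return body + fcs(body)


def decapsulate(frame):
    """Verify the FCS and strip header and trailer. Returns None when the frame is discarded."""
    if len(frame) < HEADER_LEN + MIN_PAYLOAD + FCS_LEN:
        return None                          # runt frame
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if fcs(body) != trailer:
        return None                          # bad FCS: detected and dropped, not corrected
    (ethertype,) = struct.unpack("!H", body[12:HEADER_LEN])
    return {
        "dst": ":".join(f"{b:02x}" for b in body[:6]),
        "src": ":".join(f"{b:02x}" for b in body[6:12]),
        "ethertype": ethertype,
        "payload": body[HEADER_LEN:],        # still padded; the layer 3 header carries the real length
    }


def flip_bit(frame, bit_index):
    """Simulate a transmission error by inverting a single bit of the frame."""
    buf = bytearray(frame)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


if __name__ == "__main__":
    # Constructed ARP-style broadcast: destination all ones, EtherType 0x0806.
    frame = encapsulate("ff:ff:ff:ff:ff:ff", "00:1a:2b:3c:4d:5e", ETHERTYPE_ARP, b"who-has 192.168.1.1")
    print(len(frame), "bytes on the wire")
    print(decapsulate(frame))
    print("after a one-bit error:", decapsulate(flip_bit(frame, 100)))
```

A 19-byte payload produces a 64-byte frame, the Ethernet minimum, and a single flipped bit anywhere in it makes `decapsulate` return `None`; a 1500-byte payload gives the familiar 1518-byte maximum frame.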

CCNA Study Notes – Chapter 1

Networks

When designing and maintaining a network, remember these factors:

Cost, security, speed, topology, scalability, reliability, availability

VoIP and video traffic is sensitive to delay and latency. Therefore QoS is commonly implemented to ensure these applications have enough bandwidth and are prioritised throughout the network to limit the amount of delay they incur.

Security appliances are specialised network components that typically provide many security functions, such as Cisco ASAs and PIX firewalls, Cisco 4200 series intrusion prevention and detection systems(IPS and IDS), and Cisco 3000 series VPN Concentrators.

The media types used in LANs include copper and fibre cabling. Ethernet, Fast Ethernet(FE), Gigabit Ethernet(GE), Token Ring, and Fibre Distributed Data Interface(FDDI) are frame types used to communicate between components over fibre and copper.

Four basic types of connections or circuits are used in WAN services:

Circuit-Switched, Cell-Switched, Packet-Switched, and dedicated connections.

LANs provide high-speed bandwidth connections to interconnect components in geographically close locations, such as a building or campus. WANs provide lower-speed bandwidth connections to interconnect multiple locations or sites, and normally involve paying recurring monthly costs to a service provider.

Examples of networking devices used in WAN connections include cable and DSL modems, carrier switches, CSU/DSUs, firewalls, modems, NT1s and routers.

Network Topologies

A topology defines how the components are connected. A point-to-point topology has a single connection between two components.

In a star topology, a central device has many point-to-point connections to other components. The main problem with a star topology is that if the center of the star fails, no components can communicate with each other.

In a bus topology, all components are connected to and share a single wire.

In a ring topology, device one connects to device two, device two connects to device three, and so on to the last device, which connects back to the first device. Ring topologies can be implemented with a single or dual ring. Dual rings are for redundancy.

Fibre Distributed Data Interface(FDDI) is an example of a media technology that uses dual rings to connect computer components.

A physical topology describes how components are physically cabled together. A logical topology describes how components communicate across the physical topology. The physical and logical topologies are independent of each other.

For example, any variety of Ethernet uses a logical bus topology when components communicate, regardless of the physical layout of the cabling.

Media Type   Physical Topology              Logical Topology
Ethernet     Bus, Star, or point-to-point   Bus
FDDI         Ring                           Ring
Token Ring   Star                           Ring

Two types of meshed topologies are used: partial and full.

In a partially meshed environment, not every device is connected to every other device. In a fully meshed environment, every component is connected to every other component.

The formula used to determine the number of links needed to fully mesh a WAN is N x (N-1) ÷ 2, where N is the number of locations; ten sites, for example, need 45 links.

Network Security

Before you even consider designing a security solution for a network, you must have a sound security policy in place. The security policy will determine the security solution you will design, implement, and maintain. The Securing Cisco Network Devices course and book briefly talks about security policies. A better reference is RFC 2196 on www.ietf.org.

Four categories of common threats to networks and their components can occur: physical installations, reconnaissance attacks, access attacks, and denial of service(DoS) attacks.

Physical installations involve four types of threats: hardware, electrical, environmental, and maintenance.

Remember that most threats to a network are internal; therefore, developing a security plan to deal with physical threats is very important.

Electrical threats include irregular fluctuations in voltage, such as brownouts and voltage spikes, and complete loss of power.

Environmental threats include very low or high temperatures, moisture, electrostatic discharge, and electromagnetic interference.

Maintenance threats include not having backup parts or components for critical network components; not labelling components and their cabling correctly, causing problems when performing maintenance in and around network components; and not following electrostatic discharge procedures before handling network components.

A reconnaissance attack occurs when an adversary tries to learn information about your network.

An access attack occurs when someone tries to gain unauthorised access to a component, tries to gain unauthorised access to information on a component, or increases their privileges on a network component.

DoS attacks involve an adversary reducing the level of operation or service, preventing access to, or completely crashing  a network component or service.

Designing and maintaining networks includes factors such as cost, security, speed, topology, scalability, reliability, and availability. Certain kinds of traffic, such as VoIP and video, are sensitive to delay and latency, and therefore your design should include QoS features to deal with these types of traffic. The kinds of network components you'll see in a network include routers, switches, bridges, hubs, and security appliances such as firewalls and IDS/IPS sensors.