Chapter 1 - Packet Fowarding - Day 1

Network - provides connectivity between devices.

Almost everything is based on TCP/IP in a network. (TCP - Transmission Control Protocol, IP- Internet Protocol) TCP/IP is based on the concept of Open Systems Interconnection or the OSI Model which is composed of 7 layers.

7 Layers:

Application - Interface for receiving and Sending Data

Presentation - Formatting of data and encryption

Session - Tracking of packets

Transport - End-to-End communication between devices

Network - Logical addressing and routing of packets

Data - hardware addressing

Physical - Media type and connector

When sending data across the network starts at layer 7 moves down the OSI model then transmits across the network to its destination and moves back up from layer 1 to layer 7.

*Troubleshooting should always start at Layer 1 and move up the OSI model. (Most issues that I have observed working in an ISP reside on Layer 1 or Layer 2)

Chapter 1 reinforces the concepts relate to how a network device forwards traffic from either a Data (L2) or Network(L3) perspective.

L2 handles addressing beneath the IP protocol stack so that communication is between hosts.

Network Packets (L3) include L2 addressing

Broadcasts are not typically forwarded beyond a L3 boundary

Ethernet devices us CSMA/CD to ensure that only one device talks in a collision domain.

CSMA/CD - Carrier Sense Multiple Access/Collision Detect

Network switches enhance scalability and stability in a network through creation of virtual channels.

Switch maintains a table which associates a host's MAC Ethernet address to the port that sources network traffic. Instead of flooding all traffic out of every switch port, a switch uses the local MAC table to forward network traffic only to the destination switch port associated with where the destination MAC is attached. 

Unknown unicasting flooding happens when a destination MAC address is unknown.

Broadcast Domains = All devices in same L2 segment

Network broadcasts do not cross from one subnet to another subnet

VLANS (Virtual Local Area Networks) - Provide logical segmentation by creating multiple broadcast domains on the same network switch. VLANS provide higher utilization of switch ports because a port can be associated to the necessary broadcast domain, and multiple broadcast domains can reside on the same switch. Network devices in one VLAN cannot communicate with devices in a different VLAN via traditional L2 or broadcast traffic.

VLANS are defined in the 802.1Q standard which states that 32 bits are added to packet header in the following:

Tag protcol identifier (TPID) - 16-bit field set 0x8100 -802.1Q packet

Priority code point (PCP) - 3-bit field indicates class of service (CoS) as part of L2 QoS between switches

Drop elgible indicator (DEI) - 1-bit field indicates whether the packet can be dropped when there is bandwidth contention

VLAN ID - 12-bit field associates VLAN with network packet.

VLAN ID provides 4094 unique VLANS

Create VLAN by using vlan (#) then name vlan by using name (name of vlan) under the VLAN sub-mode configuration. Once config moved back to global or a different VLAN the VLAN is created.    

        Example  for Creating and Naming a VLAN:

        SW1# config T

        SW1(config) # vlan 10

        SW1(config-vlan) # name PCs


This can be verified by using the command show vlan. This shows what ports are assigned to what VLAN. Using the various keywords can provide specific information regarding the vlans ie show vlan brief, show vlan summary, show vlan id (#) or show vlan name (name of vlan)

Access ports are the fundamental building blocks of a managed switch. It is assigned to only one VLAN and carries traffic from a specified VLAN on the device or devices on the same switch. 802.1Q tags are not included on packets transmitted ore received on access ports.

Switches place switch ports as L2 access ports for VLAN 1 by default.

 






Comments

Post a Comment

Popular posts from this blog

Building a Wifi mesh with Eeros

Image
I run sound at my church and them knowing that I am a Network Engineer approached me about the Wifi. See the Wifi was outdated and could not handle the amount of traffic it was getting from staff, guest and devices accessing it so it was time for an update. I did some research to find the least expensive option with the least amount of tech savvy needed to continue administration of it should something happen. This research lead me to the eero and its extenders with its ability to have a primary network wand a sub network on it as well using wifi 6 as its base. As you can see below I created 5 different networks that span several buildings and large areas across the the church. This has helped to segment the network for security reasons, but also to break up the amount of traffic that was being sent across a single network.  In each of the networks shown above I have deployed at minimum 2 extenders in each network and each network has its own password and IP pool that does not matc...
Read more

Google CyberSecurity Course so far

Hello Fellow Tech People!  As I discussed in my last post I am currently working through Google's course on cybersecurity. I have to say that I'm fairly impressed with this course and am only half way through so far. This course covers a lot of foundational concepts for security and the cybersecurity field. As you progress through each module it builds on the foundation of the previous module giving you a solid place to continue to learn and build from. Right now I have covered foundation of security, managing risk, networking and network security and am working on tools of Linux and SQL. All of these have been fantastic and as I've stated a great primer for jumping into the field. Coursera has built a terrfic course and is worth the money on spending to obtain the certification from Google. The cost is fairly inexpensive if you can dedicate time everyday to the course in a steady pace. I was fortunate enough to get cousera for a month for $1 so I thought I would try it out...
Read more

Study Aids - Updated Nov. 2021

Updated! Hello Friends! Today I will be talking about the study aids I use when studying for a Cert. I generally like to study by myself because I can go at my own pace and stop to lab out a concept without having the worries of holding up a group. However on occasion I find that I need something to keep me accountable and to feel like somebody else is there. Well this has become my go to for that : Study with Me (  https://www.youtube.com/channel/UCSQkQjPhnZw12Hj-SfsbX8w  ) The woman who does this has many different videos some with music and some without but all of them amazingly useful. MUSIC : When labbing for long periods of time I tend to listen  to fast paced music which helps me think and keeps the pace up. For this I listen to Two Steps From Hell, Audiomachine and videos from this guy's playlist  https://www.youtube.com/channel/UCT5RMcRGa32Th0AZ0Dxxviw . <----This playlist of videos is also good for coding/hacking ;-). BOOKS : I like hard copies...
Read more