1.3 Explain the concepts and characteristics of routing and switching. Flashcards
The MAC address
- Ethernet Media Access Control address
- The "physical" address of a network adapter
- Unique to a device
- 48 bits / 6 bytes long, written in hexadecimal
Half-Duplex
- A device cannot send and receive simultaneously
- All LAN hubs are half-duplex devices
Full-duplex
- Data can be sent and received at the same time
- A properly configured switch interface will be set to full-duplex
CSMA/CD
- CS - Carrier Sense
- MA - Multiple Access
- CD - Collision Detect: two stations talking at once
- Not used any longer
- Listen for an opening; don't transmit if the network is busy
- If a collision occurs, transmit a jam signal
- Wait a random amount of time, then retry
CSMA/CA
- CA - Collision Avoidance
- Common on wireless networks
- Collision detection isn’t possible
Collision Domains
- Separated by switch/bridge interfaces
Broadcast Domains
- Separated by router interfaces
- Stops at the router
Unicast
- One station sending information to another station
- Does not scale optimally for streaming media
Multicast
- Delivery of information to interested systems
- One to many
Broadcast
- Send information to everyone at once
- One packet, received by everyone
- Routing updates, ARP requests
- Not used in IPv6 - focus on multicast
LANs
- Local Area Networks
- A group of devices in the same broadcast domain
Virtual LANs
- Virtual Local Area Networks
- A group of devices in the same broadcast domain
- Separated logically instead of physically
802.1Q trunking
- Take a normal Ethernet frame
- Add a VLAN header in the frame
Spanning Tree Protocol
- Loop protection
- Connect two switches to each other
- IEEE standard 802.1D to prevent loops
Spanning Tree Protocol Port States
- Blocking - Not forwarding to prevent a loop
- Listening - Not forwarding and cleaning the MAC table
- Learning - Not forwarding and adding to the MAC table
- Forwarding - Data passes through and is fully operational
- Disabled - Administrator has turned off the port
RSTP (802.1w)
- Rapid Spanning Tree Protocol (802.1w)
- Faster convergence
- From 30 to 50 seconds down to 6 seconds
- Backwards-compatible with 802.1D STP
Basic Interface Configuration
- Needs to match on both sides
- Speed: 10 / 100 /1,000
- Duplex: Half/Full
IP address management
- Layer 3 interfaces
- VLAN interfaces
- IP address, subnet mask/CIDR block, default gateway, DNS (optional)
VLANs
- VLAN assignment
- Each device port should be assigned a VLAN
Trunking
- Connecting switches together
- Multiple VLANs in a single link
Tagged and untagged VLANs
- A non-tagged frame is on the default VLAN or native VLAN
- Trunk ports will tag the outgoing frames and remove the tag on incoming frames
DMZ
- Demilitarized zone
- An additional layer of security between the Internet and you
Powering devices
- PoE: 15.4 watts DC power
- PoE+: IEEE 802.3at-2009 - 25.5 watts DC power
Port mirroring
- Examine a copy of the traffic
- Port mirror (SPAN), network tap
Routing
- Send IP packets across the network
- Forwarding decisions are based on destination IP address
- Each router only knows the next step
- The list of directions is held in a routing table
- Each router rewrites the frame to add its own data-link header
Static routing
- Administratively define the routes - you're in control
Advantages of static routing
- Easy to configure and manage on smaller networks
- No overhead from routing protocols
- Easy to configure on stub networks (only one way out)
- More secure - no routing protocols to analyze
Disadvantages of static routing
- Difficult to administer on larger networks
- No automatic method to prevent routing loops
- If there's a network change, you have to manually update the routes
Dynamic routing
- Routers send routes to other routers
- Routing tables are updated in (almost) real-time
Advantages of Dynamic routing
- No manual route calculations or management
- New routes are populated automatically
- Very scalable
Disadvantages of Dynamic routing
- Some router overhead required
- Requires some initial configuration to work properly
Default route
- A route when no other route matches
- Go that way -> rest of the world
AS (Autonomous System)
- "An AS is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy."
Interior Gateway Protocols and Exterior Gateway Protocols
IGP (Interior Gateway Protocol)
- Used within a single autonomous system (AS)
- Not intended to route between ASes
- IPv4 dynamic routing
- IPv6 dynamic routing
- OSPFv2 (Open Shortest Path First)
- RIPv2 (Routing Information Protocol version 2)
- EIGRP (Enhanced Interior Gateway Routing Protocol)
EGP (Exterior Gateway Protocol)
- Used to route between autonomous systems
- BGP (Border Gateway Protocol)
- Many organizations use BGP as their EGP
Dynamic routing protocols
- Listen for subnet information from other routers
- Provide subnet information to other routers
- Determine the best path based on the gathered information
- Different convergence process for every dynamic routing protocol
Hybrid routing protocols
- A little link-state, a little distance-vector
- BGP (Border Gateway Protocol)
- Determines route based on paths, network policies, or configured rule-sets
Link-state routing protocols
- Information passed between routers is related to the
- Faster is always better, right?
- Used most often in large networks
- OSPF - Large, scalable routing protocol
Distance-vector routing protocols
- Information passed between routers contains routing tables
- How many “hops” away is another network? The deciding “vector” is the “distance”
- RIP, RIPv2, EIGRP
- Good for smaller networks; very little configuration
The IP address of a device
- Every device needs a unique IP address
- Subnet mask, e.g., 255.255.255.0
- Used by the local workstation to determine what subnet it's on
- The subnet mask isn't (usually) transmitted across the network
Subnet mask
- The subnet mask determines what part of the IP
- The subnet mask is just as important as your IP address!
IPv4 addresses - Internet Protocol version 4
- OSI Layer 3 address
- Since one byte is 8 bits,
- Maintains an IPv4 routing table
IPv6 addresses
- Internet Protocol v6 - 128-bit address
IPv6 address compression
- Uses IPv6 dynamic routing protocols
Tunneling IPv6
- 6to4 addressing
- Send IPv6 over an existing IPv4 network
- Creates an IPv6 address based on the IPv4 address
- No support for NAT
- IP protocol 41 - a transition technology
- Tunnel IPv4 traffic on an IPv6 network
Teredo/Miredo
- Tunnel IPv6 through NATed IPv4
- End-to-end IPv6 through an IPv4 network
- No special IPv6 router needed
- Miredo - Open-source Teredo for Linux,
NDP (Neighbor Discovery Protocol)
- No broadcasts!
- Operates using multicast over ICMPv6
- Neighbor MAC Discovery
- Replaces the IPv4 ARP
SLAAC (Stateless Address Autoconfiguration)
- Automatically configure an IP address without a DHCP server
DAD (Duplicate Address Detection)
- No duplicate IPs!
Discover routers
- Router Solicitation (RS) and Router Advertisement (RA)
Finding routers
- ICMPv6 adds the Neighbor Discovery Protocol
- Routers also send unsolicited RA messages
- To the multicast destination ff02::1
- Sent as a multicast
- Neighbor Solicitation (NS)
- Neighbor Advertisement (NA)
- There's no ARP in IPv6
NAT (Network Address Translation)
- Destination address is translated from a public IP to a private IP
- Does not expire or timeout
Port Forwarding
Managing Network Traffic
Packet shaping
- Control by bandwidth usage or data rates
QoS (Quality of Service)
Managing QoS
- Voice over IP traffic has priority over web browsing
- Prioritize by maximum bandwidth, traffic rate, VLAN, etc.
- CoS (Class of Service) - OSI Layer 2
- Differentiated Services (DiffServ) - OSI Layer 3
Packet filtering
- ACLs can evaluate on certain criteria
- Source IP, Destination IP, TCP port numbers, UDP port numbers, ICMP
- Used to allow or deny traffic
- Defined on the ingress or egress of an interface
Firewall rules
- Access control lists (ACLs)
- Allow or disallow traffic based on tuples
- Source IP, Destination IP, port number, time of day, application, etc.
- Specific rules are usually at the top
- A logical path
- Implicit deny
Circuit switching
- Circuit is established between endpoints before data passes
- POTS and PSTN (public switched telephone network)
- T1 / E1 / T3 / E3
- ISDN - Use a phone number to call another ISDN modem
Packet switching
- Data is grouped into packets
- The media is usually shared
- SONET, ATM, Frame Relay, Wireless, DSL
SDN (Software Defined Networking)
- Networking devices have two functional planes of operation
- Centrally managed - Global view, single pane of glass
- Programmatically configured
- Orchestration - No human intervention
- Open standards / vendor neutral
Distributed switching
- Remove the physical segmentation
- A virtual network distributed across all physical platforms
- When a VM moves, the network doesn’t change