2.6 Compare & contrast common network configuratoin concepts Flashcards
What is a DHCP scope?
DHCP server’s address range for subnet clients
A scope of 192.168.0.100 - 192.168.0.199 allows for 100 dynamically addressed hosts on the LAN
What addresses should the DHCP scope exclude?
Addresses that have been configured statically
i.e. if you’ve manually assigned the IP address 192.168.1.10 to a printer, you would want to exclude this address from the DHCP scope to prevent the DHCP server from assigning it to another device.
How is a host configured to use DHCP?
By setting its TCP/IP config. to automatically obtain an IP address
What happens when a DHCP client connects to a network?
It broadcasts a DHCPDISCOVER packet to find a DHCP server
Since clients BROADCAST this packet, meaning they send it to all devices on the network, they do not need to know the DHCP server’s IP address
Why do DHCP servers need to have a static IP address?
To ensure DHCP clients reliably find the server for IP assignment or renewal
If the DHCP server’s IP address were to change frequently, DHCP clients wouldn’t be able to reliably locate it to obtain network configuration information.
What does the DHCP server do when it receives a DHCPDISCOVER packet?
Responds with a DHCPOFFER packet
What does a DHCPOFFER packet contain?
Address & other configuration data
other config data like the default gateway & DNS server addresses
What does the DHCP client do when it receives a DHCPOFFER packet?
Broadcasts a DHCPREQUEST onto the network
it broadcasts the packet to inform all DHCP servers on the network that the client has accespted the IP address offer provided by one of the servers
What happens after a DHCPREQUEST packet is broacasted onto the network?
Server responds with a DHCPACK packet
What happens when the client receives a DHCPACK packet?
Client broadcasts an ARP message to check that the address is unused
Meaning of ARP?
Address Resolution Protocol
What if a client detects an IP address conflict after sending an ARP message?
Meaning the client detecs a duplicate IP after sending ARP message
It declines the IP address offer & requests a new one
If it detects that it isnt used, then it proceeds to use it.
What can a client do to retain an IP address before the lease ends?
Attempt to renew or rebind the lease
What if a client can’t renew/rebind its IP address lease?
Must release the IP address & start the discovery process again
How can a client’s network configuration be changed?
i.e. assiging different IP addresses or adjusting other settings
Manually or via DHCP server
When do DHCP updates to a client’s network settings take effect?
When DHCP client seeks a new lease
A new lease can also be requested manually
What happens in a DHCP reservation?
DHCP server reserves an IP address for a device
How does a DHCP server identify the device for a reserved address?
Meaning how does it know which device to assign the reserved address
Using a list of hosts’ MAC addresses for IP assignment
When contacted by a listed host, it issues a lease for reserved IP
Some OSs send a different unique identifier instead of MAC addresses by default. Configuring the identification method ensures accurate server info.
What is a hostname?
Label assigned to a device on a network
It serves as a human-readable identifier for the device
i.e. computer01.local
How is the possibility of duplicate hostnames on the Internet avoided?
Having the hostname combined with a domain name & suffix
“web1” + “example.com” becomes “web1.example.com,” avoiding duplicates
Note that, while combining the hostname with a domain name and suffix helps, it’s part of a broader set of measures used to avoid duplicate hostnames on the Internet. (i.e. Domain registration, Reverse DNS lookup, etc.)
Meaning of FQDN?
Fully Qualified Domain Name
What is a FQDN?
Hostname combined with a domain name & suffix
i.e. nut.widget.examplle
Identify hostname of this FQDN:
nut.widget.example
nut
Identify domain name of this FQDN:
nut.widget.example
widget
Identify the TLD (domain suffix) of this FQDN:
nut.widget.example
.example
A domain suffix could also contain subdomains between the host & domain name
Meaning of TLD?
Top-Level Domain
How are FQDNs assigned & managed?
Using DNS
What is DNS?
Global hierarchy of distributed databases with domain & host info.
What is at the top of the DNS hierarchy?
Root
Root is represented by a null label, consisting of just a (.)
How many root servers does the DNS hierarchy have?
13 root-level servers
(A to M)
What is below the root in the DNS hierarchy?
TLDs
The most prevalent are genereic (i.e. .com, .org, .net, .info, .biz), sponsored (i.e. .gov, .edu), & country code (i.e. .uk, .ca, .de)
What does a client need to resolve a hostname/FQDN to an IP address?
The appropriate DNS record from a DNS server
What is an Address record (A) used for?
Resolving a host name to an IPv4 address
What are MX records used for?
Identify domain’s email server for message delivery
What does the hostname with an MX record need?
Associated A or AAAA record
What are TXT records used for?
Storing text for supporting network services
2 main reasons domain names have TXT records?
- Verify email services
- Block spam
Spam is spoofed & unwatned messages
How is SPF record implemented as?
TXT resource record in DNS
How many SPF records should each domain have?
1
What does SPF identify?
Email servers allowed to send emails for a domain
SPF checks if a sending mail server is authorized to send emails for a domain by querying its DNS records. i.e. if example.com has an SPF record specifying certain IP addresses, only those addresses can send emails as @example.com, helping to prevent spoofing and spam.
What does SPF do?
- Identifies authorized hosts
- Handles unauthorized servers
3 things SPF can do to emails from servers not on the list?
- Accept
- Flag
- Reject
Syntax used in SPF to accept emails from servers not listed?
+all
Syntax used in SPF to flag emails from servers not listed?
~all
Syntax used in SPF to reject emails from servers not listed?
-all
What does DKIM do?
Uses crpytography to validate the email’s source server
The sender’s server creates a unique digital signature by hashing specific email content and encrypting it with the sender’s private key. The recipient’s server then retrieves and verifies the DKIM signature using the sender’s public key from DNS records. If successful, it confirms the email’s origin and integrity; otherwise, it flags potential tampering for further review.
Does DKIM replace or supplement SPF?
Either or
It can do either one
How is DKIM configured?
Uploading a public encryption key as a TXT record in the DNS server
Orgs. receiving messages can use this key to verify that a message derives from an authentic server
What does DMARC framework do?
Ensures SPF & DKIM are being utilized effectively
How are DMARC policies published as?
DNS TXT record
Which DNS spam management records can DAMRC use?
SPF or DKIM or both
What does DMARC allow?
- Senders define DMARC authenticaiton failure handling
- Recipients to report failures to senders
3 ways DMARC authentication failures can be treated?
- Flag
- Quarantine
- Reject
Simplest way of assigning a node to a VLAN?
Configure switch port with a VLAN ID of 2 to 4049
i.e. Switch ports 1-10 could be VLAN 10, and ports 11-20 VLAN 20. Host A on port 2 is in VLAN 10, and host B on port 12 is in VLAN 20.
What happens when hosts are placed in separate VLANs?
They can’t directly communicate with each other
Even though they are on the same managed switch
What must each VLAN be configured with?
Its own subnet address & IP address range
How are communications between VLANs done?
Via IP router
Each VLAN must also be provisioned with its own DHCP & DNS services
Benefits of VLAN?
- Reduces broadcast traffic impact
- Eases traffic filtering & monitoring
VLANs are also used to separate nodes by traffic type, like isolating VoIP devices for easier prioritization over other VLANs.
