Domain 2.3 Flashcards
What are the first two fields of an Ethernet Frame, and what is their purpose
- Preamble: 7 bytes:
56 alternating 1’s & 0’s used for synchronization, and singaling that a frame is coming. - SFD (Start Frame Delimiter) 1 byte
Used to signal the end of the Preamble.
What are the ladder three fields of an ethernet frame
Ethertype 2 bytes:
Used to describe the data contained in the payload.
Payload 46-1500 Bytes:
Layer 3 and higher data being transmitted.
FCS (Frame Check Sequence) 4 Bytes
CRC checksum of the frame.
Describe what a MAC address is
MAC Addresses are hexadecimal physical addresses of a NIC.
They are 48bits long or 6 Bytes
They are separated into two parts:
The OUI (organizationally unique ID)
&
Network interface Controller Specific serial number
Describe half duplex
A half duplex device cannot send and receive simultaneously.
- All LAN hubs are half-duplex
-Switch intfteraces can be set to as 1/2 duplex, but usually only when the device connected to the switch interface is also half/duplex
Describe full duplex
Data can be sent and received at the same time.
- A properly configured switch will be set to full duplex.
True or False, CSMA/CD is in widespread use today
False
CSMA is only half duplex ethernet, and is no longer in use.
Explain how CSMA/CD works
- Listen for an opening on the line
-If someone is transmitting, set a timer and wait - Send a frame of data when possible.
-No prioritization. - If a collision occurs
- Send a jam signal to notify other TX’ers that a collision occured. - Everyone sets a random timer, waits, and then starts back at step 1.
What are the primary functions of a switch
To forward or drop frames.
Gather a constantly updating list of MAC addresses.
- Built using the Src MAC of incoming frames.
Maintain a loop-free environment using STP
How does a switch learn MAC addresses, and what does it do when it cannot find a MAC.
The switch will take note of the src address of the frame and the interface that the frame came in on.
If the Switch does not know the interface that the dest MAC is on, it will flood the frame to everyone. Devices ignore the frame if it is not addressed to them.
What is NDP and how do routers discover one another using it?
Network discovery protocol.
Routers that are brought online will perform a Router Solicitation (RS) and the other routers that have a multicast address configured will respond with a RA (router adverstimsent)
Why was NDP created
It is used with IPv6 to replace ARP. Instead of using broadcasts, which don’t exist in IPv6, NDP makes use of multicast
What is SLAAC?
Stateless Address Auto-configuration:
- Devices automatically create themselves an IP address without a DHCP server.
What is DAD
Duplicate Address Detection -
Protocol that will detect duplicate IP addresses.
How do endpoints find one another using NDP?
Endpoints send NS (Neighbor Solicitations) to a multicast address.
Other Endpoints will respond using a NA (Neighbor Advertisement) with their MAC Address
What are the two forms of PoE
EndSpans - Devices with built in power
MidSpans - Devices that are in-line power injectors
What are the two power modes for PoE
Mode A: Power over data pairs - used
Cat5 and newer
Mode B: Power on the spare pairs
Only used with Cat5 and older 10/100 Mbit/s
What is IEEE 802.af
The original PoE standard
15.4 watts DC power
What is IEEE 802.at
PoE+
25.5 watts DC power
What is a LAN consisted of
A group of devices in the same broadcast domain
What can VLAN be described as
A group of devices in the same broadcast domain separated logically instead of physically.
What is added to Ethernet Frames to denote which VLAN the Frame belongs to?
VLAN ID - 12 bits long allowing up to 4094 possible VLANs
What is the “Default VLAN” value, and the default range?
Default VLAN = 1
Default Range = 1 - 1005
What is the Extended Range of VLAN IDs
1006-4094
What is the IEEE 802.1Q standard
This is the standard for VLAN trunking
How does data travel between switches when there are multiple VLANs crossing the same path.
802.1Q or trunk links allow for the sharing of a physical link between networking device where VLAN traffic can cross.
How can the performance concerns between hosting Voice and data over the same line be addressed?
Put Voice and data on separate VLANs. This provides separation so that data congestion does not add delay and latency to voice. Each port on the switch can be set up as a 802.1q trunk
What is STP and what feature deficiency exists at layer 2 that justifies it
There is no TTL for layer 2 frames. If a loop were to occur, frames will exist and be amplified forever.
STP provides loop protection used when connecting two or more switches together.
What is 802.1D
Older version of STP that was designed to provide loop protection on bridged (switched) networks
What is 802.1w
RSTP - updated STP
-Faster convergence following network changes.
- Backwards compatible with 802.1d
- Mostly an update to STP, not a complete overhaul
What are the four STP port states?
Blocking - Interface is not forwarding traffic in order to prevent loop.
Listening - Not forwarding and cleaning the MAC Table.
Learning - Not forwarding and adding to the MAC table
Forwarding - Data passes through and is fully operational
Disabled - The admin turned the interface off.
What are the basic interface items that need to be configured for a switch interface?
The config on the switch interface must match the device that is connected on the other side. The interface can be set to automatic and will match the device connected, or manual, with which these settings are needed:
Speed:
Duplex:
What are common layer 3 interface settings
Routing interfaces-
-Management Interfaces
-IP Addresses, Subnet Mask, Default Gateway, and DN
True or False: Each device port on a switch should be assigned a VLAN
True. it is a best practice to have each port be configured.
What is the point of trunking and what is its IEEE #
802.1Q
Trunking is used to connect switches together, and allows for multiple VLANs to traverse a single link
What are the two types of vlan frames & explain them
Tagged and Untagged
-Non-tagged frames are on the default VLAN, which is also considered the native LAN.
-Tagged frames have a VLAN ID in the frame.
How are tags on Ethernet frames managed
Trunk ports add VLAN tags to outgoing frames.
Trunk ports remove VLAN tags on incoming frames.
What is LAG?
Link Aggregation Control Protocol (LACP)
-Allows multiple switch interfaces to act as a single interface.
- Adds additional automation and management.
What is port mirroring, why is it useful, and how can it be implemented?
-Allows traffic to be copied from one interface to another
- Can be used for PCAP for IDS or other systems
Typically implemented using a Network Tap or Span port on the switch itself.
What is a Jumbo frame
A frame that has a payload size greater than 1500 bytes
Up to 9,216 bytes (9000 is typically accepted)
What is the benefit or purpose of jumbo frames.
-They increase transfer efficiency
This results in fewer packers to switch/route
True or False: All devices are configured with Jumbo Frames by default
False:
Not all devices support jumbo frames, and Jumbo frames
What is 802.3x and why is it needed?
Ethernet networks do not have flow control. As a result, the network flow can be too fast for the buffers on some networking devices such as switches, which will cause dropped packets.
802.3X is the “pause” frame
What are some ways to increase port level security
Configure a Max # of SRC MAC addresses on a single port.
The switch will then keep a list of MAC Addresses, once the maximum has been exceeded, the port will be disabled
What is MDI and MDI-X
MDI is the MEdia Dependant Interface, This would be the cabling that is included on the NIC of an endpoint device
MDI-X is the standard for Switch and router interfaces
What is a straight through cable using the MDI matrix
MDI - MDIX
What is a cross over cable using MDI Matrix
MDI - MDI
or
MDI-X - MDI-X
