Ethernet Fundamentals Flashcards
Ethernet Fundamentals Overview
Please refer to study guide for info/diagrams
CSMA/CD
Carrier Sense Multiple Access with Collision Detection
Carrier Sense: Listen to the wire & verify it is idle before transmitting
Multiple Access: All devices share the same medium & may transmit whenever it is idle
Collision Detection: If two devices transmit at the same time, a collision occurs & both stations detect it
Back off, wait a random time (the range of the random wait doubles after each successive collision), then try again
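The back-off rule in the last card is Ethernet's truncated binary exponential backoff: after the n-th consecutive collision a station waits a random number of slot times chosen from 0 to 2^min(n,10) - 1, and discards the frame after 16 collisions. The simulation below is an added example, not part of the original flashcards; the station names, the one-slot frame length and the fixed random seed are constructed for illustration.

```python
"""Truncated binary exponential backoff as used by Ethernet CSMA/CD.

Added example; station names, slot model and the random seed are constructed.
"""
import random

MAX_BACKOFF_EXPONENT = 10   # 802.3: the wait range stops growing after 10 collisions
MAX_ATTEMPTS = 16           # 802.3: the frame is discarded after 16 collisions


def backoff_range(collisions: int) -> int:
    """Number of possible wait slots after `collisions` consecutive collisions.

    The station waits r slot times, r chosen uniformly from 0 .. 2**min(collisions, 10) - 1.
    """
    if collisions < 1:
        raise ValueError("only called after at least one collision")
    return 2 ** min(collisions, MAX_BACKOFF_EXPONENT)


def pick_backoff(collisions: int, rng: random.Random) -> int:
    return rng.randrange(backoff_range(collisions))


def simulate(stations, seed: int = 0):
    """Simulate stations that all have one frame ready at slot 0 on a shared segment.

    Returns {station: slot in which its frame went out}, or None for a station
    that gave up after MAX_ATTEMPTS collisions.  A frame occupies one slot.
    """
    rng = random.Random(seed)
    state = {s: {"wait": 0, "collisions": 0} for s in stations}
    done = {}
    slot = 0
    while len(done) < len(stations):
        # Carrier sense: every station whose back-off has expired sees an idle wire
        ready = [s for s in stations if s not in done and state[s]["wait"] == 0]
        if len(ready) == 1:
            done[ready[0]] = slot                 # single talker: success
        elif len(ready) > 1:
            for s in ready:                       # collision detected by all talkers
                state[s]["collisions"] += 1
                if state[s]["collisions"] > MAX_ATTEMPTS:
                    done[s] = None                # excessive collisions: frame dropped
                else:
                    state[s]["wait"] = pick_backoff(state[s]["collisions"], rng)
        # Stations that were not contending this slot count down their back-off
        for s in stations:
            if s not in done and s not in ready and state[s]["wait"] > 0:
                state[s]["wait"] -= 1
        slot += 1
    return done


if __name__ == "__main__":
    print(simulate(["A", "B", "C"], seed=7))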
Collision Domains
Comprised of all devices on a shared Ethernet segment (same cable or hub)
Devices operate at half-duplex when connected to a hub
Collision Domains with Switches
Ethernet switches increase scalability of the network by creating multiple collision domains.
Each switch port is its own collision domain; with full-duplex links there are no collisions at all, which increases throughput
Hub
Layer 1 device “Multiport repeaters”
Passive Hub: Repeats signal (no amplification)
Active Hub: Repeats signal with amplification
Smart Hub: Active hub with enhanced features (SNMP)
Bridges
Analyze source MAC address in frames entering the bridge & populate an internal MAC address table.
Make intelligent forwarding decisions based on destination MAC address in the frames.
Switch
Layer 2 device (Connects multiple network segments)
Essentially a multiport bridge
Learns MAC addresses from the source MAC of frames entering each port & records them in its MAC (CAM) table
Forwards based on the destination MAC: known unicast goes out one port, unknown unicast & broadcast are flooded out every other port in the VLAN
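The learning and forwarding behaviour described on the Bridges and Switch cards, written out as a small learning switch. This is an added example, not part of the flashcards; the port numbers, MAC addresses, the 300-second aging timer and the injectable clock are constructed for illustration.

```python
"""Toy learning switch: builds a MAC table from source addresses and forwards on
destination addresses.  Added example; ports, MACs and aging value are constructed.
"""
import time

AGING_SECONDS = 300                 # typical default MAC aging time (assumption)
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group(mac: str) -> bool:
    """Broadcast or multicast: least-significant bit of the first octet is set."""
    return int(mac.split(":")[0], 16) & 1 == 1


class LearningSwitch:
    def __init__(self, ports, clock=time.monotonic):
        self.ports = list(ports)
        self.mac_table = {}         # mac -> (port, last_seen)
        self.clock = clock          # injectable so aging can be tested offline

    def _age_out(self, now):
        stale = [m for m, (_, seen) in self.mac_table.items() if now - seen > AGING_SECONDS]
        for m in stale:
            del self.mac_table[m]

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the list of ports it is sent out of."""
        now = self.clock()
        self._age_out(now)
        # 1. Learn: the source MAC lives behind the ingress port (moves if it changed)
        self.mac_table[src_mac] = (in_port, now)
        # 2. Forward: known unicast goes to exactly one port, everything else floods
        if not is_group(dst_mac) and dst_mac in self.mac_table:
            out_port = self.mac_table[dst_mac][0]
            return [] if out_port == in_port else [out_port]   # never echo a frame back
        return [p for p in self.ports if p != in_port]


if __name__ == "__main__":
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b = "00:00:5e:00:53:01", "00:00:5e:00:53:02"      # constructed documentation MACs
    print(sw.receive(1, a, b))   # b unknown: flooded to [2, 3, 4]
    print(sw.receive(2, b, a))   # a already learned on port 1: [1]
    print(sw.receive(1, a, b))   # b now learned on port 2: [2]
```

The flood-on-unknown branch is the reason a sniffer on a switch sees only its own unicast traffic plus whatever was flooded, which is why the Port Mirroring card below is needed.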
Router
Layer 3 device (Connects multiple networks together)
Makes forwarding decisions based on IP addresses
More feature-rich & support a broader range of interface types than multilayer switches
Each port is a separate collision/broadcast domain.
Layer 3 Switch
Layer 3 device (Connects multiple network segments)
Can make layer 3 routing decisions & interconnect entire networks (like a router)
Link Aggregation
802.3ad (now 802.1AX); links are negotiated with LACP
Congestion can occur on an uplink when it runs at the same speed as the access ports feeding it
Allows for combo of multiple physical connections into a single logical connection
Bandwidth available is increased & congestion minimized/prevented.
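The extra bandwidth of a LAG is available per conversation, not per frame: the switch hashes each frame onto one member link so a single flow always stays on the same link and never exceeds that link's speed. The code below is an added example, not from the flashcards; its hash (XOR of the low byte of source and destination MAC, modulo the link count) is a simplified stand-in for a vendor's configurable hashing on MAC, IP or L4 fields, and the MAC addresses are constructed.

```python
"""LAG load distribution by flow hashing.  Added example; the hash function is a
simplified stand-in for vendor algorithms and the MAC addresses are constructed.
"""


def member_link(src_mac: str, dst_mac: str, n_links: int) -> int:
    """Choose the LAG member for a frame: same src/dst pair -> same link, always."""
    s = int(src_mac.split(":")[-1], 16)
    d = int(dst_mac.split(":")[-1], 16)
    return (s ^ d) % n_links


def distribute(frames, n_links: int):
    """Bytes carried per member link for a list of (src_mac, dst_mac, size) frames."""
    load = [0] * n_links
    for src, dst, size in frames:
        load[member_link(src, dst, n_links)] += size
    return load


SERVER = "00:00:5e:00:53:10"          # constructed documentation-range MAC


def one_big_flow(n_frames: int = 10, size: int = 1500):
    """One host talking to the server: every frame lands on the same member."""
    return [("00:00:5e:00:53:01", SERVER, size)] * n_frames


def many_hosts(size: int = 1500):
    """Four hosts talking to the server: frames spread across the members."""
    return [(f"00:00:5e:00:53:{h:02x}", SERVER, size) for h in (1, 2, 3, 4)]


if __name__ == "__main__":
    print(distribute(one_big_flow(), 4))   # all 15000 bytes on one link
    print(distribute(many_hosts(), 4))     # 1500 bytes on each of the four links
```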
PoE
Power Over Ethernet (802.3af)
Supplies electrical power over Ethernet
Cat5 or better cabling is recommended (required for PoE+)
Up to 15.4 W sourced by the PSE (about 12.95 W guaranteed at the device after cable loss)
PoE+ (802.3at)
Up to 25.5 W at the device (30 W sourced by the PSE)
Device Types:
PSE (Power Sourcing Equipment)
PD (Powered Device)
Port Monitoring/Mirroring
Helpful to analyze packet flow over network
Network sniffers see all traffic on a hub because the hub repeats every frame out every port
A switch only forwards unicast frames to the destination port, so a sniffer needs port monitoring (SPAN on Cisco) to see other ports' traffic
Port mirroring copies the traffic entering &/or leaving one port (or VLAN) & sends the copy to a monitoring port
User Authentication
802.1X (port-based network access control)
For security purposes, a switch keeps a port closed to everything except EAP until the user or device authenticates
Three roles: supplicant (client), authenticator (switch or wireless AP), authentication server (usually RADIUS)
The authentication server checks the supplicant's credentials (via an EAP method such as EAP-TLS or PEAP) & tells the authenticator to open the port
Mutual-authentication EAP methods also derive keying material shared by the supplicant & authentication server; on wireless networks that key (the PMK) is used to encrypt the client's traffic, whereas on wired networks 802.1X alone provides no encryption unless MACsec (802.1AE) is added
Management Access & Authentication
SSH: Encrypted remote administration over the network (replaces Telnet, which sends credentials in cleartext)
Console Port: Allows for local admin of the switch using a separate laptop & a rollover cable (DB-9 to RJ-45)
OOB
Out-of-Band Management:
Management interfaces (console ports, dedicated management ports, console servers) are placed on a separate network so devices can still be administered when the production network is down or compromised
First-Hop Redundancy
HSRP (Hot Standby Router Protocol) uses a virtual IP & MAC to provide an “active” & “standby” router
Cisco proprietary protocol
If active is offline, standby answers
Other First-Hop Redundancy Protocols
GLBP (Gateway Load Balancing Protocol)
Cisco proprietary protocol
VRRP (Virtual Router Redundancy Protocol)
Open standard (IETF RFC 5798)
CARP (Common Address Redundancy Protocol)
Open standard, originally developed by the OpenBSD project
STP
Spanning Tree Protocol (802.1D)
Permits redundant links between switches & prevents looping of network traffic
SPB (Shortest Path Bridging) is used for larger network environments
Broadcast Storms
If a broadcast frame reaches two switches joined by redundant links, each forwards it to the other
Multiple copies of the frame are forwarded, replicated, & forwarded again until the network is consumed with copies of the same initial frame
Root Bridge
Switch elected to act as a reference point for a spanning tree
Switch with lowest bridge ID (BID) is elected as root bridge.
BID is made up of a priority value & MAC (lowest value considered the root)
Nonroot Bridge
All other switches in an STP topology
Root Port
Every non-root bridge has a single root port
Port closest to the root bridge in terms of cost
If costs are equal, the port that received the BPDU with the lowest sender BID wins, then the lowest sender port ID, then the lowest local port ID
Designated Port
Every network segment has a designated port
Port closest to the root bridge in terms of cost
All ports on root bridge are designated ports
Non-Designated Port
Ports that block traffic to create loop-free topology
Root & Nonroot Bridges
Single root port on non-root bridge
All other ports on a non-root bridge are designated (if they are the best path onto their segment) or non-designated (blocking)
All ports on root bridge are designated
Port States
Non-designated ports do not forward traffic during normal operation (but still receive BPDUs)
If a link in the topology goes down, a non-designated port detects the failure (BPDUs stop arriving) & determines whether it must transition to forwarding
To reach forwarding, a port passes through the blocking, listening & learning states first
The 4 Port States
Blocking:
BPDUs are received but no frames are forwarded & no MAC addresses are learned
Initial state of every port & the steady state of redundant (non-designated) links
Listening:
Sends & processes BPDUs; the switch determines the port's role in the spanning tree
Does not learn MAC addresses or forward frames
Learning:
Populates the MAC table from received frames
Still does not forward frames
Forwarding:
Learns MAC addresses & forwards frames normally
Root & designated ports end up forwarding; non-designated ports stay blocking
Link Costs
Associated with the speed of a link (802.1D short method): 10 Mbps = 100, 100 Mbps = 19, 1 Gbps = 4, 10 Gbps = 2
The long path-cost method (802.1t) is being adopted because the short values cannot distinguish today's higher link speeds
Long values range from 2,000,000 for 10 Mbps to as little as 2 for 10 Tbps
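The Root Bridge, Root Port and Link Costs cards above describe one calculation: elect the root by lowest BID, add up link costs back to it, and break ties on sender BID and port ID. The code below carries that calculation through on a three-switch topology. It is an added example, not part of the flashcards; the switch names, priorities, MAC addresses, port numbers and link speeds are constructed, and the switch with the lowest priority is deliberately given the highest MAC to show that priority is compared first.

```python
"""STP root election, path cost and root-port selection.
Added example; the topology, MACs, priorities and port numbers are constructed.
"""
import heapq

SHORT_COST = {10: 100, 100: 19, 1000: 4, 10_000: 2}                    # 802.1D
LONG_COST = {10: 2_000_000, 100: 200_000, 1000: 20_000, 10_000: 2_000,  # 802.1t
             100_000: 200, 1_000_000: 20, 10_000_000: 2}


def bridge_id(priority: int, mac: str):
    """BID compares priority first, then MAC; lower wins on both."""
    return (priority, int(mac.replace(":", ""), 16))


def elect_root(bridges):
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def link_cost(speed_mbps: int, method: str = "short") -> int:
    return (SHORT_COST if method == "short" else LONG_COST)[speed_mbps]


def _adjacency(links, method):
    """name -> [(neighbor, my_port, neighbor_port, cost)] for a connected topology."""
    adj = {}
    for a, pa, b, pb, speed in links:
        c = link_cost(speed, method)
        adj.setdefault(a, []).append((b, pa, pb, c))
        adj.setdefault(b, []).append((a, pb, pa, c))
    return adj


def root_path_costs(bridges, links, method="short"):
    """Dijkstra from the root: lowest accumulated link cost to every bridge."""
    root = elect_root(bridges)
    adj = _adjacency(links, method)
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, n = heapq.heappop(heap)
        if c > cost[n]:
            continue
        for nb, _, _, lc in adj.get(n, []):
            if c + lc < cost.get(nb, float("inf")):
                cost[nb] = c + lc
                heapq.heappush(heap, (c + lc, nb))
    return root, cost


def root_ports(bridges, links, method="short"):
    """For every non-root bridge return (root_port, root_path_cost).

    Tie-break when several ports offer the same cost: lowest sender BID,
    then lowest sender port ID, then lowest local port ID.
    """
    root, cost = root_path_costs(bridges, links, method)
    adj = _adjacency(links, method)
    result = {}
    for name in bridges:
        if name == root:
            continue                       # every port on the root is designated
        best = min((cost[nb] + lc, bridge_id(*bridges[nb]), their_port, my_port)
                   for nb, my_port, their_port, lc in adj[name])
        result[name] = (best[3], best[0])
    return root, result


# Constructed topology: SW3 has the worst MAC but the best priority, so it is root.
SAMPLE_BRIDGES = {
    "SW1": (32768, "00:00:00:00:00:10"),
    "SW2": (32768, "00:00:00:00:00:20"),
    "SW3": (4096, "00:00:00:00:00:30"),
}
# (bridge, port, bridge, port, speed_mbps); SW1-SW2 has two parallel 1 Gbps links
SAMPLE_LINKS = [
    ("SW3", 1, "SW1", 1, 1000),
    ("SW3", 2, "SW2", 1, 100),
    ("SW1", 2, "SW2", 2, 1000),
    ("SW1", 3, "SW2", 3, 1000),
]

if __name__ == "__main__":
    # SW2 reaches the root more cheaply through SW1 (4 + 4 = 8) than directly (19),
    # and of its two equal-cost links picks port 2 because SW1's port 2 < port 3.
    print(root_ports(SAMPLE_BRIDGES, SAMPLE_LINKS))
    print(root_ports(SAMPLE_BRIDGES, SAMPLE_LINKS, "long"))
```

SW2's direct 100 Mbps link to the root loses to the two-hop 1 Gbps path, so SW2 port 1 becomes a non-designated (blocking) port even though it faces the root directly; that is the situation the Non-Designated Port card describes.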
VLAN
Virtual Local Area Network
By default all ports on a switch are in a single broadcast domain
Allows you to break out certain ports to be in different broadcast domains
Allows different logical networks to share the same physical hardware
Provides added security & efficiency
VLAN Trunking (802.1Q)
Multiple VLANs transmitted over the same physical cable by tagging each frame with its VLAN identifier
Each tagged frame carries a 4-byte tag inserted after the source MAC:
TPID (Tag Protocol Identifier): 0x8100, marks the frame as tagged
TCI (Tag Control Information): 3-bit priority (PCP), 1-bit drop-eligible flag (DEI) & 12-bit VLAN ID
One VLAN (the native VLAN, VLAN 1 by default on Cisco switches) is sent untagged; a tag carrying VLAN ID 0 is a priority tag only & assigns no VLAN
Because native-VLAN frames are untagged, keep the native VLAN separate from any user VLAN (or tag it explicitly) so that double-tagged frames cannot hop into another VLAN
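A parser for the 4-byte tag described on the VLAN Trunking card, plus a helper that applies the native-VLAN rule (untagged or VLAN 0 means the native VLAN). This is an added example, not part of the flashcards; the frames are constructed byte strings, and the double-tagged case is included because that is the frame shape a trunk must handle (QinQ) and the one the native-VLAN caveat is about.

```python
"""Parse 802.1Q tags in Ethernet frames.  Added example; all frames are constructed."""
import struct

TPID_8021Q = 0x8100    # customer VLAN tag
TPID_8021AD = 0x88A8   # service-provider (QinQ) outer tag


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_frame(frame: bytes):
    """Return (dst, src, tags, ethertype, payload).

    tags is a list of {"tpid", "pcp", "dei", "vid"} dicts, outermost first;
    untagged, single-tagged and double-tagged (QinQ) frames are all handled.
    """
    if len(frame) < 14:
        raise ValueError("runt frame")
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    offset, tags = 12, []
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated header")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in (TPID_8021Q, TPID_8021AD):
            break                                   # real EtherType: tags are over
        if len(frame) < offset + 4:
            raise ValueError("truncated tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({"tpid": etype, "pcp": tci >> 13,
                     "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4                                 # step over TPID + TCI
    return dst, src, tags, etype, frame[offset + 2:]


def effective_vlan(tags, native_vlan: int) -> int:
    """VLAN the switch assigns the frame to: outer tag VID, or native if untagged/VID 0."""
    if tags and tags[0]["vid"] != 0:
        return tags[0]["vid"]
    return native_vlan


def build_frame(dst: str, src: str, ethertype: int, payload: bytes, tags=()) -> bytes:
    """Build a frame; tags is a list of (tpid, pcp, dei, vid), outermost first."""
    out = bytearray(mac_bytes(dst) + mac_bytes(src))
    for tpid, pcp, dei, vid in tags:
        out += struct.pack("!HH", tpid, (pcp << 13) | (dei << 12) | (vid & 0x0FFF))
    out += struct.pack("!H", ethertype) + payload
    return bytes(out)


if __name__ == "__main__":
    host, gw = "00:00:5e:00:53:01", "00:00:5e:00:53:02"   # constructed MACs
    f = build_frame(gw, host, 0x0800, b"ip", [(TPID_8021Q, 0, 0, 1), (TPID_8021Q, 0, 0, 20)])
    _, _, tags, _, _ = parse_frame(f)
    print([t["vid"] for t in tags], effective_vlan(tags, native_vlan=1))   # [1, 20] 1
```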
VPN Concentrator
VPNs create a secure, virtual tunnel network over an untrusted network (like the internet)
Concentrators can terminate VPN tunnels (firewalls can do this too)
NGFW
Next-Generation Firewall:
Conducts deep packet inspection at layer 7
Detects & prevents attacks
More capable than basic stateless/stateful firewalls because it can identify applications & users, not just ports & addresses
Continually connects to cloud resources for latest info on threats
IDS/IPS
Intrusion Detection System (IDS):
Recognizes attacks via signatures & anomaly detection, then alerts (out of band, does not block)
Intrusion Prevention System (IPS):
Recognizes attacks & responds inline (drops or blocks the traffic)
Host or network-based devices
DNS
Domain Name System:
Converts domain names to IP addresses
Similar to a phone contact list
FQDN
Fully-Qualified Domain Name:
The complete name of a host: its hostname plus every domain up to the Top-Level Domain (.com, .net, .mil, .edu), e.g. www.diontraining.com; identifies a specific web, mail, or file server
URL
Uniform Resource Locator:
Contains the FQDN plus the method (scheme) used to access the resource, e.g. https://
Example: https://www.diontraining.com
Proxy Server
Device that makes a request to external network on behalf of a client.
Used for security to perform content filtering/logging
Workstation clients are configured to send their requests to the proxy instead of directly to the destination
Content Engine
AKA: “Caching Engines”
Dedicated appliances that perform the caching functions of a proxy server
More efficient than a proxy server
Content Switches
AKA: “Load Balancers”
Distributes incoming requests across the various servers in the server farm
Useful for large companies like Amazon
Deterministic Network
Organized & orderly
Need an electronic token to transmit
Ex: Token ring networks
Contention-Based
Very chaotic
Transmit (almost) whenever you want
Ex: Ethernet networks
Distance Limitations - Copper
Media, Bandwidth, Distance
10BASE-T (Cat3): 10 Mbps, 100 m
100BASE-TX (Cat5): 100 Mbps, 100 m
1000BASE-T (Cat5e): 1 Gbps, 100 m
1000BASE-T / 10GBASE-T (Cat6): 1 Gbps at 100 m / 10 Gbps at 55 m
10GBASE-T (Cat6a): 10 Gbps, 100 m
10GBASE-T (Cat7): 10 Gbps, 100 m
40GBASE-T (Cat8): 40 Gbps, 30 m
Distance Limitations - Fiber
Media, Bandwidth, Distance
100BASE-FX (MMF): 100 Mbps, 2 km
100BASE-SX (MMF): 100 Mbps, 300 m
1000BASE-SX (MMF): 1 Gbps, 220-550 m
1000BASE-LX (SMF / MMF): 1 Gbps, 5 km / 550 m
10GBASE-SR (MMF): 10 Gbps, 400 m
10GBASE-LR (SMF): 10 Gbps, 10 km
S is NOT single! S = short wavelength (multimode), L = long wavelength (single-mode)
VPN Headend
A specific type of VPN concentrator used to terminate IPsec VPN tunnels within a router or other device.
Unified Communications (or Call) Manager
Used to perform the call processing for hardware & software-based IP phones.
ICS
Industrial Control System:
Describes the different types of control systems & associated instrumentation.
SCADA
Supervisory Control & Data Acquisition:
Acquires & transmits data from different systems to a central panel for monitoring & control.