Ethernet Fundamentals Flashcards
What type of cable does Ethernet use?
Twisted pair cables
What type of cable is 10BASE-T?
Unshielded twisted pair
Cat 3
What is the maximum speed and distance of 10BASE-T cable?
Maximum speed: 10 Mbps
Maximum distance: 100 metres
What type of device access?
- Very organized and orderly
- Need an electronic token to transmit
- Example: Token Ring networks
Deterministic
What type of device access?
- Very chaotic
- Transmit (almost) whenever you want
- Example: Ethernet networks
Contention-based
What type of transmission do Ethernet devices use?
Carrier Sense Multiple Access/Collision Detect (CSMA/CD)
Carrier sense multiple access/collision detect (CSMA/CD) is used by which type of devices?
Ethernet
The following describes which type of transmission?
- Listen to the wire, verify if it is not busy
- All devices have access at any time
- If two devices transmit at the same time, a collision occurs
> Back off, wait a random time, try again
Carrier Sense Multiple Access/Collision Detect (CSMA/CD)
- Comprised of all devices on a shared Ethernet segment (everything on the same cable or hub)
- Devices operate at half-duplex when connected to a hub (Layer 1 device)
- Devices must listen before they transmit to avoid collisions when operating as CSMA/CD
Collision domains
- Ethernet switches increase scalability of the network by creating multiple collision domains
- Each port on a switch is a collision domain, no chance of collisions, and increases speed
- Switches can operate in full duplex mode
Collision domains with switches
- The measure of how many bits the network can transmit in 1 second (bps)
- Capacity is determined by the type of cable
Bandwidth
What is the bandwidth capacity of Ethernet?
10 Mbps
What is the bandwidth capacity of Fast Ethernet?
100 Mbps
What is the bandwidth capacity of Gigabit Ethernet?
1000 Mbps (1 Gbps)
What is the bandwidth capacity of 10-Gigabit Ethernet?
10 Gbps
What is the bandwidth capacity of 100-Gigabit Ethernet?
100 Gbps
What is the media type, bandwidth capacity, and distance limitation of 10BASE-T?
Media type: Cat 3 or higher
Bandwidth capacity: 10 Mbps
Distance limitation: 100 m
What is the media type, bandwidth capacity, and distance limitation of 100BASE-TX?
Media type: Cat 5 or higher
Bandwidth capacity: 100 Mbps
Distance limitation: 100 m
What is the media type, bandwidth capacity, and distance limitation of 1000BASE-TX?
Media type: Cat 6 or higher
Bandwidth capacity: 1 Gbps
Distance limitation: 100 m
What is the media type, bandwidth capacity, and distance limitation of 1000BASE-SX?
Media type: MMF
Bandwidth capacity: 1 Gbps
Distance limitation: 220 m
What is the media type, bandwidth capacity, and distance limitation of 1000BASE-LX?
Media type: MMF, SMF
Bandwidth capacity: 1 Gbps
Distance limitation: MMF - 550m; SMF - 5km
What is the media type, bandwidth capacity, and distance limitation of 1000BASE-ZX?
Media type: SMF
Bandwidth capacity: 1 Gbps
Distance limitation: 70 km
What are the primary devices used in networks?
Routers, switches
- Layer 1 device used to connect multiple network devices/workstations
- Known as multiport repeaters
- Three basic types: passive, active, smart
Hub
What type of hub repeats signal with no amplification?
Passive
What type of hub repeats signal with amplification?
Active hub
What type of hub is an active hub with enhanced features like SNMP?
Smart hub
- Hubs (layer 1) were used to connect multiple network segments together
- Each LAN segment becomes a separate _______
Collision domain
- Analyzes source MAC addresses in frames entering the bridge and populates an internal MAC address table
- Makes intelligent forwarding decisions based on destination MAC address in the frames
Bridge
- Layer 2 device used to connect multiple network segments together
- Essentially a multiport bridge
- Learns MAC addresses and makes forwarding decisions based on them
- Analyzes source MAC addresses in frames entering
- Populates an internal MAC address table based on them
Switch
- Each port represents an individual collision domain
- All ports belong to the same broadcast domain
Layer 2 switch
- Layer 1 device used to connect multiple network devices/workstations
- Known as hubs
- Three basic types: passive, active, smart
Multiport repeater
- Layer 3 device used to connect multiple networks together
- Makes forwarding decisions based on logical network address information
> Such as using IP addresses (IPv4 or IPv6)
- Typically more feature rich and support a broader range of interface types than multilayer switches
- Each port is a separate collision domain
- Each port is a separate broadcast domain
Router
- Layer 3 device used to connect multiple network segments together
- Can make Layer 3 routing decisions and interconnect entire networks (like a router), not just network segments (like a switch)
Layer 3 switch
How many possible collision domains, broadcast domains, and which layer of the OSI for hubs?
Possible collision domains: 1
Possible broadcast domains: 1
OSI Layer: 1
How many possible collision domains, broadcast domains, and which layer of the OSI for bridges?
Possible collision domains: 1 per port
Possible broadcast domains: 1
OSI Layer: 2
How many possible collision domains, broadcast domains, and which layer of the OSI for switches?
Possible collision domains: 1 per port
Possible broadcast domains: 1
OSI Layer: 2
How many possible collision domains, broadcast domains, and which layer of the OSI for multilayer switches?
Possible collision domains: 1 per port
Possible broadcast domains: 1 per port
OSI Layer: 3+
How many possible collision domains, broadcast domains, and which layer of the OSI for routers?
Possible collision domains: 1 per port
Possible broadcast domains: 1 per port
OSI Layer: 3+
The following are features of what?
- Features to enhance network performance, redundancy, security, management, flexibility, scalability
- Common switch features
- VLANs
- Trunking
- Spanning Tree Protocol (STP)
- Link aggregation
- Power over Ethernet
- Port monitoring
- User authentication
Ethernet Switch features
What is 802.3ad?
Link aggregation
What is the standard for link aggregation?
802.3ad
Congestion can occur when ports all operate at the same speed. This allows for:
- Combination of multiple physical connections into a single logical connection
- Bandwidth available is increased and the congestion is minimized or prevented
Link aggregation
What is 802.3af?
Power over Ethernet
What is the standard for Power over Ethernet?
802.3af
What is 802.3at?
Power over Ethernet+
What is the standard for Power over Ethernet+?
802.3at
- Supplies electrical power over Ethernet
> Requires CAT 5 or higher copper cable
> Provides up to 15.4 watts of power to device
- Two device types:
> Power Sourcing Equipment (PSE)
> Powered Device (PD)
Power over Ethernet
Supplies electrical power over Ethernet up to 25.5 W
Power over Ethernet+
What are the two types of devices with Power over Ethernet?
- Power Sourcing Equipment (PSE)
- Powered Device
- Helpful to analyze packet flows over network
> Connect a network sniffer to a hub and it sees all
> Switches require ________ for network analyzer to see all the traffic
Port monitoring
Makes a copy of all traffic destined for a port and sends it to another port
Port mirroring
What is 802.1x?
User authentication
What is the standard for user authentication?
802.1x
- For security purposes, switches can require ________ before providing access to the network
- Once this is done, a key is generated and shared between the supplicant (device wanting access) and the switch (authenticator)
- Server checks the supplicant's credentials and creates the key
- Key is used to encrypt the traffic coming from and being sent to the client
User authentication
What are the two options to configure and manage switches?
SSH and console port
Remote administration program that allows you to connect to the switch over the network
SSH
Allows for local administration of the switch using a separate laptop and a rollover cable (DB-9 to RJ-45)
Console port
- Involves keeping all network configuration devices on a separate network
Out-of-band (OOB)
SSH and console port are two options to _____ and ______ switches
Configure and manage
- One type of first-hop redundancy protocol
- Uses virtual IP and MAC addresses to provide an “active router” and a “standby router”
> Cisco-proprietary protocol
> If Active is offline, then standby answers
Hot Standby Router Protocol (HSRP)
The following are examples of what type of protocols?
- Hot Standby Router Protocol (HSRP)
> Uses virtual IP and MAC addresses to provide an “active router” and a “standby router”
> Cisco-proprietary protocol
> If Active is offline, then standby answers
- Gateway Load Balancing Protocol (GLBP)
> Cisco-proprietary protocol
- Virtual Router Redundancy Protocol (VRRP)
> Open-source protocol
- Common Address Redundancy Protocol (CARP)
> Open-source protocol
First-Hop Redundancy protocols
What are the two Cisco-proprietary first-hop redundancy protocols?
Hot Standby Router Protocol (HSRP)
Gateway Load Balancing Protocol (GLBP)
What are the two open-source first-hop redundancy protocols?
Virtual Router Redundancy Protocol (VRRP)
Common Address Redundancy Protocol (CARP)
Permits or denies traffic based on a device’s MAC address to improve security
MAC filtering
Multilayer switches may permit or deny traffic based on IP addresses or application ports
Traffic filtering
What is 802.1D?
Spanning Tree Protocol (STP)
What is the standard for Spanning Tree Protocol (STP)?
802.1D
- Permits redundant links between switches and prevents looping of network traffic
- Availability is measured in 9s
> Five 9s is 99.999% uptime
> Only 5 minutes down per year is allowed
- Without it, MAC address table corruption can occur
- Shortest Path Bridging (SPB) is used instead of _______ for larger network environments
Spanning Tree Protocol (STP)
- Used instead of STP for larger network environments
Shortest Path Bridging (SPB)
- If broadcast frame received by both switches, they can forward frame to each other
- Multiple copies of frame are forwarded, replicated, and forwarded again until the network is consumed with forwarding many copies of the same initial frame
Broadcast storm
- Switch elected to act as a reference point for a spanning tree
- Switch with the lowest bridge ID (BID) is elected as the ______
- BID is made up of a priority value and a MAC address (with the lowest value considered root)
- All ports are designated
Root bridge
- All other switches in an STP topology that are not a root bridge
- Single root port
- All other ports are non-designated
Non-root bridge
- Every non-root bridge has a single ________
- Port closest to the root bridge in terms of cost
- If costs are equal, lowest port number is chosen
Root port
- Every network segment has a _________
- Port closest to the root bridge in terms of cost
- All ports on root bridge are ________
Designated port
- Ports that block traffic to create loop-free topology
- Do not forward traffic during normal operation, but do receive bridge protocol data units (BPDUs)
- If a link in the topology goes down, the ______ detects the failure and determines whether it needs to transition to a forwarding state
Non-designated port
- Blocking
- Listening
- Learning
- Forwarding
Port states
- Received by non-designated ports, which do not forward traffic during normal operation
Bridge protocol data units (BPDUs)
To get to the forwarding state, the non-designated port has to transition through _____ states (in total, including forwarding). What are they?
Four states: blocking, listening, learning, forwarding
Which port state?
- BPDUs are received but they are not forwarded
- Used at beginning and on redundant links
- Root and non-designated ports
Blocking
Which port state?
- Populates MAC address table
- Does not forward frames
Listening
Which port state?
- Processes BPDUs
- Switch determines its role in the spanning tree
Learning
Which port state?
- Forwards frames for operations
- Designated ports
Forwarding
- Associated with the speed of a link
- Lower the link speed, the higher the ______
- Long STP is being adopted due to higher link speeds over 10 Gbps
- Values range from 2 million for 10-Mbps Ethernet to as little as 2 for 10 Tbps
Link costs
- Switch ports are in a single broadcast domain
- Allow you to break out certain ports to be in different broadcast domains
- Before:
> You had to use routers to separate departments, functions, or subnets
> Different switches were required for separation
- Allow different logical networks to share the same physical hardware
- Same switches, but switch ports can be different
- Provides added security and efficiency
Virtual Local Area Network (VLAN)
What is 802.1q?
VLAN Trunking
What is the standard for VLAN Trunking?
802.1q
- Multiple VLANs transmitted over the same physical cable
- VLANs are each tagged with 4-byte identifier
> Tag Protocol Identifier (TPI)
> Tag Control Identifier (TCI)
- One VLAN is left untagged
> Native VLAN
VLAN Trunking (802.1q)
What are the two 4-byte identifiers that VLANs are tagged with in VLAN trunking?
- Tag Protocol Identifier (TPI)
- Tag Control Identifier (TCI)
What is the one untagged VLAN called in VLAN trunking?
Native VLAN
The following are examples of what?
- VPN concentrators
- Firewalls
- DNS servers
- DHCP servers
- Proxy servers
- Content engines and switches
They serve specific functions to improve usability, performance, and security
Specialized network devices
What are some examples of specialized network devices?
- VPN concentrators
- Firewalls
- DNS servers
- DHCP servers
- Proxy servers
- Content engines and switches
Creates a secure, virtual tunnel network over an untrusted network like the Internet
Virtual private network (VPN)
One of the devices that can terminate VPN tunnels (although firewalls can also perform this function)
VPN concentrator
- Network security appliance at your boundary
- Can be software or hardware
Firewalls
_____ firewalls:
- Allow traffic that originates from inside the network and goes out to the internet
- Block traffic originating from the internet from getting into the network
Stateful firewalls
- Conducts deep packet inspection at layer 7
- Detects and prevents attacks
- Much more powerful than basic stateless and stateful firewalls
- Continually connects to cloud resources for latest information on threats
Next Generation Firewall (NGFW)
At what layer does deep packet inspection occur?
Layer 7
- Recognizes attacks through signatures and anomalies
- Host or network-based device
Intrusion detection systems (IDS)
- Recognizes and responds to attacks
- Host or network-based devices
Intrusion prevention systems (IPS)
- Converts domain names to IP addresses
- Similar to the contact list in a phone
Domain Name System (DNS)
- Domain name under a Top-Level Domain and represents a web, mail, or file server
Fully-Qualified Domain Name (FQDN)
- Contains the FQDN with method of accessing information
Uniform Resource Locator (URL)
Which DNS Record type?
- Address record maps hostname to IPv4 address
A
Which DNS Record type?
- Address record maps hostname to IPv6 address
AAAA
Which DNS Record type?
- Alias for existing record, e.g. diontraining[.]com = www[.]diontraining[.]com
CNAME (canonical name)
Which DNS Record type?
- Maps domain name to email server
MX (mail exchange)
Which DNS Record type?
- Denotes the authoritative name server for the domain
NS
Which DNS Record type?
- Refers to the canonical name
- Used for reverse DNS lookups
PTR (pointer record)
Which DNS Record type?
- Provides authoritative information about DNS zone: contact information, primary name server, refresh times
SOA (start of authority)
Which DNS Record type?
- Generalized service location record; newer protocol that doesn’t require specific protocol records like MX, CNAME, etc.
SRV
Which DNS Record type?
- Designed to hold human readable code originally
- Used now to hold machine readable data like DomainKeys Identified Email (DKIM), Sender Policy Framework (SPF), and opportunistic encryption
TXT
- Initially, clients on networks needed IP addresses manually configured (or statically assigned) to communicate
> Can lead to configuration errors
> Can become a hassle for large networks
- Automates process so the majority of devices on a network automatically receive:
> IP address
> Subnet mask
> Default gateway
> DNS server addresses
Dynamic Host Configuration Protocol (DHCP)
What are the DHCP steps?
- DHCP DISCOVER
- DHCP OFFER
- DHCP REQUEST
- DHCP ACK
D.O.R.A
- Device that makes a request to external network on behalf of a client
- Used for security to perform content filtering and logging
- Workstation clients are configured to forward their packets to a ________
Proxy server
- Dedicated appliances that perform the caching functions of a proxy server
- Are more efficient than a proxy server
- Also called caching engines
Content engine
- Dedicated appliances that perform the caching functions of a proxy server
- Are more efficient than a proxy server
- Also called content engines
Caching engine
- Distributes incoming requests across the various servers in the server farm
- Also known as load balancers
Content switches
- Distributes incoming requests across the various servers in the server farm
- Also known as content switches
Load balancers