Network+ 4 Flashcards
A bridge joins two or more LAN segments, typically two Ethernet LAN segments. Each LAN segment is in separate collision domains. A bridge makes intelligent forwarding decisions based on the destination MAC address present in a frame. a bridge analyzes source MAC address information on frames entering the bridge and populates an internal MAC address table based on the learned information. Then, when a frame enters the bridge destined for a MAC address known by the bridge’s MAC address table to reside off of a specific port, the bridge can intelligently forward the frame out the appropriate port. all ports on a bridge belong to the same broadcast domain At Layer 2, the destination MAC address of a broadcast frame is FFFF.FFFF.FFFF in hexadecimal notation. It supports the implementation of forwarding decisions based on software.
bridge
each VLAN represents a separate broadcast domain, and for traffic to travel from one VLAN to another, that traffic must be routed by a Layer 3 device. a multilayer switch could function as a router and make forwarding decisions based on destination IP address information. Like on a Layer 2 switch, each port on a multilayer switch represents a separate collision domain; however, a characteristic of a multilayer switch (and a router) is that it can become a boundary of a broadcast domain. Although all ports on a Layer 2 switch belong to the same broadcast domain, if configured as such, all ports on a multilayer switch can belong to different broadcast domains. supports policy-based routing feature, its uses upper layer info while making forwarding decisions.
VLAN
A router is a Layer 3 device, meaning that it makes forwarding decisions based on logical network address (for example, IP address) information. Although a router is considered to be a Layer 3 device, like a multilayer switch, it has the capability to consider high-layer traffic parameters, such as quality of service (QoS) settings, in making its forwarding decisions. An Ethernet broadcast domain is a logical division of devices to which the broadcast is delivered. Routers separate the LAN into multiple broadcast domains. They make forwarding decisions based on logical network address. They do not forward Ethernet broadcast frames. They either ignore the frames, or process them and then discard some broadcasts.
*** A VPN concentrator performs the processor-intensive process required to terminate multiple VPN tunnels.
router
stateful firewall allows traffic to originate from an inside network (that is, a trusted network) and go out to the Internet (an untrusted network). Likewise, return traffic coming back from the Internet to the inside network is allowed by the firewall.
Examples of top-level domains include .com, .mil, and .edu, Lower-level domains can point upward to higher-level DNS servers to resolve nonlocal FQDNs.
stateful firewall
CSMA/CD : Carrier sense: A device attached to an Ethernet network can listen to the wire, prior to transmitting, to make sure that a frame is not being transmitted on the network segment.
Multiple access: Unlike a deterministic method of network access (for example, the method used by Token Ring), all Ethernet devices simultaneously have access to an Ethernet segment.
Collision detection: If a collision occurs (perhaps because two devices were simultaneously listening to the network and simultaneously concluded that it was safe to send), Ethernet devices can detect that collision and set random back-off timers. After each device’s random timer expires, it again tries to transmit its data.
When multiple devices are connected to the same shared Ethernet segment such as a Layer 1 hub, CSMA/CD must be enabled. As a result, the network must work in half-duplex mode, which means that only a single networked device can transmit or receive at any one time. In half-duplex mode, a networked device cannot simultaneously send and receive, which is an inefficient use of a network’s bandwidth.
*** GBICs are interfaces that have a bandwidth capacity of 1Gbps and are available with MMF, SMF, and UTP connectors.
*** Devices that have the same network address belong to the same network, or subnet.
CSMA/CD
allow traffic for multiple VLANs to travel over a single connection this is called a trunk (IEEE 802.1Q popular trunking standard), One of the VLANs traveling over an 802.1Q trunk is called a native VLAN. Frames belonging to the native VLAN are sent unaltered over the trunk (untagged/no tag). However, to distinguish other VLANs from one another, the remaining VLANs are tagged. a nonnative VLAN has four tag bytes (where a byte is a collection of 8 bits) added to the Ethernet frame (tagged frame), One of these bytes contains a VLAN field. That field indicates to which VLAN a frame belongs. The devices (for example, a switch, a multilayer switch, or a router) at each end of a trunk interrogate that field to determine to which VLAN an incoming frame is associated.
VLAN (trunk)
IEEE 802.1D Spanning Tree Protocol (STP) allows a network to physically have Layer 2 loops while strategically blocking data from flowing over one or more switch ports to prevent the looping of traffic. Rapid Spanning Tree does a quicker job of adjusting to network conditions, such as the addition to or removal of Layer 2 links in the network.
STP
STP prevents Layer 2 loops from occurring in a network because such an occurrence might result in a broadcast storm or corruption of a switch’s MAC address table.
Root bridge: A switch elected to act as a reference point for a spanning tree. The switch with the lowest bridge ID (BID) is elected as the root bridge. The BID is made up of a priority value and a MAC address.
Nonroot bridge: All other switches in the STP topology are nonroot bridges.
Root Port : Every nonroot bridge has a single root port, which is the port on that switch that is closest to the root bridge in terms of cost.
Designated Port : Every network segment has a single designated port, which is the port on that segment that is closest to the root bridge in terms of cost. Therefore, all ports on a root bridge are designated ports.
Nondesignated Port : Nondesignated ports block traffic to create a loop-free topology.
STP and Root Port
Nondesignated ports do not forward traffic during normal operation but do receive bridge protocol data units (BPDUs). Switches exchange STP information in the form of BPDUs. These contain useful information for STP elections, path cost calculation, link suppression, and loop detection. If a link in the topology goes down, the nondesignated port detects the link failure and determines whether it needs to transition to the forwarding state.
Blocking: The port remains in the blocking state for 20 seconds by default. During this time, the nondesignated port evaluates BPDUs in an attempt to determine its role in the spanning tree.
Listening: The port moves from the blocking state to the listening state and remains in this state for 15 seconds by default. During this time, the port sources BPDUs, which inform adjacent switches of the port’s intent to forward data.
Learning: The port moves from the listening state to the learning state and remains in this state for 15 seconds by default. During this time, the port begins to add entries to its MAC address table.
Forwarding: The port moves from the learning state to the forwarding state and begins to forward frames.
States
An IPv4 address is a 32-bit address, each of these four divisions of an IP address represent 8 bits, these divisions are called octets, a group of contiguous left-justified bits represent the network address, and the remaining bits (that is, a group of contiguous right-justified bits) represent the address of a host on a network, The IP address component that determines which bits refer to the network and which bits refer to the host is called the subnet mask.
Class A : 1-126, 255.0.0.0, /8 — Class B : 128-191, 255.255.0.0, /16 — Class C : 192-223, 255.255.255.0, /24 — Class D : 224-239 — Class E : 240-255
The default subnet masks associated with address classes A, B, and C are called classful masks.
Classes
