Networks Flashcards
OSI acronym
_ Open Systems Interconnection
_ Developed by ISO (International Organization for Standardization) – [mnemonic: I happened before O]
_ developed (1) to provide greater granularity than TCP/IP; and (2) to reduce the proprietary nature of networking and encourage innovation
OSI model layers
(Remember layer numbers too)
_ (7) application - protocols that network applications speak; e.g. HTTP, FTP, DNS, SMTP (application-layer firewalls and proxies inspect this layer)
_ (6) presentation - data formats, character encodings, compression, format transformations; encryption is conventionally placed here, e.g. SSL/TLS
_ (5) session - establishing, maintaining and tearing down sessions between applications (distinguishes connections)
_ (4) transport - (segmenting, ports, retries) responsible for end-to-end delivery to the correct application; segments outgoing data, reassembles incoming data; TCP adds reliability (acknowledgements, retransmissions as needed); identifies applications by port
_ (3) network - logical addressing (e.g. IP address) and routing of packets between hosts on different networks; e.g. router, layer 3 switch
_ (2) data link - frames data with MAC addresses; per-frame error detection (frame check sequence), not guaranteed delivery; e.g. network card, switch, bridge
_ (1) physical - bits as electrical, optical or radio signals; cables, connectors, hubs, repeaters
TCP/IP acronym
_ Transmission Control Protocol
_ Internet Protocol
TCP/IP model layers
_ application (includes OSI presentation and session) - e.g. HTTP, FTP, Telnet, NTP, DHCP, SMTP, DNS (ping is not an application protocol; it uses ICMP, below)
_ transport - end-to-end transport of data; e.g. TCP, UDP
_ network (aka internet layer) - logical addressing and routing; e.g. IP, ARP, ICMP, IGMP
_ network interface (aka link layer; includes OSI data link and physical) - e.g. Ethernet, Wi-Fi
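The layer model is easiest to see in bytes: a frame on the wire is a data link header wrapped around a network header wrapped around a transport header. The following is an added example (not part of the original flashcards) that builds one Ethernet II / IPv4 / TCP frame by hand and decodes it layer by layer, verifying the IPv4 header checksum on the way. The MAC addresses, IP addresses and ports are invented; the frame is constructed in code so nothing needs a network interface.

```python
"""Decode a constructed Ethernet II / IPv4 / TCP frame one layer at a time.

Added example, not from the original flashcards. The frame is built by hand
with struct.pack so the script runs offline; MACs, IPs and ports are made up.
"""
import socket
import struct


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of the 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_sample_frame() -> bytes:
    """Constructed frame: 10.0.0.5:52000 -> 10.0.0.10:443, TCP SYN, no payload."""
    # Layer 2 (data link): dst MAC, src MAC, EtherType 0x0800 = IPv4
    eth = struct.pack("!6s6sH", bytes.fromhex("001122334455"),
                      bytes.fromhex("66778899aabb"), 0x0800)
    # Layer 4 (transport): 20-byte TCP header; data offset 5 words, flags = SYN (0x02)
    tcp = struct.pack("!HHIIBBHHH", 52000, 443, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)
    # Layer 3 (network): 20-byte IPv4 header; checksum filled in once the rest is known
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, 6, 0,
                     socket.inet_aton("10.0.0.5"), socket.inet_aton("10.0.0.10"))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    return eth + ip + tcp


def decode_frame(frame: bytes) -> dict:
    """Peel the headers in layer order; raise ValueError on anything malformed."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not IPv4: EtherType 0x%04x" % ethertype)
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len > len(ip):
        raise ValueError("bad IPv4 header")
    # Summing a correct header *including* its checksum field gives 0
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    out = {
        "l2": {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":")},
        "l3": {"src_ip": socket.inet_ntoa(src), "dst_ip": socket.inet_ntoa(dst),
               "ttl": ttl, "proto": proto},
    }
    if proto == 6 and len(ip) >= ihl + 20:     # TCP
        sport, dport, _seq, _ack, _off, flags = struct.unpack("!HHIIBB", ip[ihl:ihl + 14])
        out["l4"] = {"src_port": sport, "dst_port": dport,
                     "syn": bool(flags & 0x02), "ack": bool(flags & 0x10)}
    return out


def is_valid_frame(frame: bytes) -> bool:
    try:
        decode_frame(frame)
        return True
    except ValueError:
        return False


def corrupt_ttl(frame: bytes) -> bytes:
    """Change the TTL without recomputing the checksum (what a bit flip or a
    sloppy packet-crafting tool does); the receiver must reject this."""
    b = bytearray(frame)
    b[14 + 8] -= 1          # TTL is byte 8 of the IPv4 header
    return bytes(b)


if __name__ == "__main__":
    f = build_sample_frame()
    for layer, fields in decode_frame(f).items():
        print(layer, fields)
    print("corrupted frame accepted?", is_valid_frame(corrupt_ttl(f)))
```

The "l2" fields are what a switch acts on, "l3" what a router acts on, and "l4" what a layer 4 firewall acts on; a router rewrites the TTL and must recompute the checksum, which is why a frame with a changed TTL and an old checksum is rejected.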
TCP vs UDP
_ transmission control protocol vs user datagram protocol
_ both at the transport layer
_ TCP ensures delivery of all data in order, acknowledging and retransmitting as needed
_ UDP does not acknowledge or retransmit; lower overhead and latency, so better for streaming, VoIP, DNS queries
_ TCP sets up a connection (three-way handshake: SYN, SYN-ACK, ACK); UDP is connectionless
Layer responsible for reliable delivery of data, including retransmissions
transport
Layer that segments and assembles data
transport
Layer that performs addressing
network
Layer that performs routing
network
Layer responsible for packets
network
Layer that makes decisions about forwarding frames
Data link
Router
_ network layer
_ connects two or more networks, forwarding packets between them according to the destination IP address and its routing table
_ e.g. connects the web server's network segment to the DB server's segment (and is where traffic between them can be filtered)
_ home "routers" usually bundle a switch (wired Ethernet ports) and a wireless access point into one box
Bridge
_ Data link layer
_ joins two or more network segments into one network (one broadcast domain); unlike a router, it does not separate networks at the IP level
_ forwards frames by destination MAC address, using a table learned from the source addresses it has seen; does not examine IP headers
_ less processing per frame than a router
_ not used much any more; switches (essentially multi-port bridges) and routers are used instead
Switch
_ Data link layer (a "layer 3 switch" also routes at the network layer)
_ connects devices within a network
_ a smarter version of a hub: learns which MAC address sits on which port and forwards each frame only to the destination port, so other ports do not see it
_ each port is its own collision domain, so traffic between one pair of ports does not interfere with other devices
_ not a security boundary by itself: MAC flooding, ARP spoofing or a mirror (SPAN) port can still expose traffic to other ports; VLANs and port security help
firewall
_ can be software or hardware
_ can operate at multiple layers, except the physical layer
_ network - decides what traffic may pass between networks according to source/destination IP address (packet filtering)
_ transport - allow or block traffic by protocol and port, or by combination of address and port; a stateful firewall also tracks connections so only replies to permitted outbound traffic get back in
Layer 4 firewall
_ a firewall that operates at the transport and network layers (IP addresses, protocol, ports, connection state); cannot see what is inside the payload
Layer 7 firewall
_ a firewall that operates at the application, presentation, and session layers
_ can terminate and re-encrypt TLS (TLS interception, which needs its own CA trusted by the clients) in order to inspect the data
_ can filter based on combination of IP address, port, and application content (e.g. HTTP method, URL, SQL injection signatures)
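The difference between the network-layer and transport-layer filtering described above, and what "stateful" adds, is clearest with a small simulator. This is an added example, not from the original flashcards: the inside network 10.0.0.0/24, the outside addresses in 198.51.100.0/24, the rules and the packets are all invented for the scenario, and nothing here touches a real interface.

```python
"""Layer 3 vs layer 4 filtering, stateful, over a constructed packet list.

Added example, not from the original flashcards. Addresses, rules and
packets are invented for the scenario (10.0.0.0/24 is the "inside" network;
198.51.100.0/24 plays the outside world); nothing touches a real interface.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    src: str = "0.0.0.0/0"         # CIDR; 0.0.0.0/0 = any
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None    # None = any protocol (a pure layer 3 rule)
    dport: Optional[int] = None    # None = any port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport))


class StatefulFilter:
    """First-match rules plus a connection table, so replies to permitted
    outbound traffic are allowed back in without any inbound rule."""

    def __init__(self, rules: List[Rule], inside: str):
        self.rules = list(rules)
        self.inside = ip_network(inside)
        self.conns = set()   # (inside_ip, inside_port, outside_ip, outside_port, proto)

    def decide(self, p: Packet) -> str:
        from_inside = ip_address(p.src) in self.inside
        if not from_inside:
            # Is this the reverse of a flow an inside host already opened?
            if (p.dst, p.dport, p.src, p.sport, p.proto) in self.conns:
                return "allow(established)"
        for r in self.rules:
            if r.matches(p):
                if r.action == "allow" and from_inside:
                    self.conns.add((p.src, p.sport, p.dst, p.dport, p.proto))
                return r.action
        return "deny(default)"   # implicit deny: nothing passes unless a rule allows it


def run_scenario() -> List[Tuple[str, str]]:
    rules = [
        Rule("allow", src="10.0.0.0/24", proto="tcp", dport=443),  # L4: inside may browse HTTPS
        Rule("allow", src="10.0.0.0/24", proto="udp", dport=53),   # L4: inside may query DNS
        Rule("allow", dst="10.0.0.10/32", proto="tcp", dport=22),  # L4: SSH in to one host only
    ]
    fw = StatefulFilter(rules, inside="10.0.0.0/24")
    traffic = [
        ("outbound https",        Packet("10.0.0.5", "198.51.100.20", "tcp", 52000, 443)),
        ("https reply",           Packet("198.51.100.20", "10.0.0.5", "tcp", 443, 52000)),
        ("unsolicited from :443", Packet("198.51.100.99", "10.0.0.5", "tcp", 443, 52000)),
        ("ssh to jump host",      Packet("198.51.100.99", "10.0.0.10", "tcp", 40000, 22)),
        ("rdp to jump host",      Packet("198.51.100.99", "10.0.0.10", "tcp", 40001, 3389)),
        ("ssh to other host",     Packet("198.51.100.99", "10.0.0.11", "tcp", 40002, 22)),
        ("outbound smtp",         Packet("10.0.0.5", "198.51.100.25", "tcp", 52001, 25)),
    ]
    return [(label, fw.decide(p)) for label, p in traffic]


def layer3_only_decision() -> str:
    """The same outbound SMTP packet against a layer 3 rule (addresses only):
    it passes, because without ports the firewall can't tell SMTP from HTTPS."""
    fw = StatefulFilter([Rule("allow", src="10.0.0.0/24")], inside="10.0.0.0/24")
    return fw.decide(Packet("10.0.0.5", "198.51.100.25", "tcp", 52001, 25))


if __name__ == "__main__":
    for label, verdict in run_scenario():
        print("%-24s %s" % (label, verdict))
    print("%-24s %s" % ("smtp vs layer-3 rule", layer3_only_decision()))
```

The "unsolicited from :443" case is the one a stateless packet filter gets wrong: to let HTTPS replies in, a stateless filter needs an inbound rule such as "allow source port 443", which any attacker can satisfy by sending from port 443. The connection table makes that rule unnecessary.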
repeater
_ physical layer
_ strengthens, replicates, regenerates weakened signals
Range extender
_ a repeater that takes a weak Wi-Fi signal and retransmits it into formerly dead zones
hub
_ physical layer
_ connects devices on a network segment (e.g. a router port to several hosts)
_ repeats every frame out of every port, so all devices see all traffic and share one collision domain (half-duplex)
_ any device on a hub can sniff everyone else's traffic (a USB hub is the same idea of a shared connection, but it is not a network device)
_ devices on a hub keep only frames addressed to them and discard the rest (unless the interface is in promiscuous mode)
modem
_ modulates/demodulates between the computer's digital signal and the analog signal on the line (physical layer); cable and DSL modems also do data link framing
Twisted pair cables
_ UTP - unshielded twisted pair; patented by Alexander Graham Bell in 1881; telephone lines
_ STP - shielded twisted pair (foil or braid shielding to reduce electrical interference from outside and between the pairs)
_ contains pairs of twisted wires
_ the tighter the twist, the less crosstalk between the pairs
_ the tighter the twist (and the stricter the specification), the higher the category
_ carries electrical signals: analog voice on phone lines, digital Ethernet signalling on data lines (contrast fiber, which carries light)
Twisted pair connectors
_ RJ11 connector supports two pairs of wires
_ RJ45 connector supports four pairs of wires
Categories of twisted pair cables
(the category specifies electrical performance, not shielding; each category comes in unshielded and shielded versions)
_ CAT3 - old analog phones and 10BASE-T; 10 Mbps up to 100 m
_ CAT4 - old token ring standard; 16 Mbps up to 100 m
_ CAT5 - Ethernet in the 90s and early 2000s; 100 Mbps up to 100 m
_ CAT5e (modern) - four twisted pairs; 1 Gbps up to 100 m
_ CAT6 (modern) - four twisted pairs; 1 Gbps for 100 m; 10 Gbps for up to 55 m, so usable for 10 Gbps within a rack where runs are short
_ CAT6a - 10 Gbps up to 100 m; common in new installations
Fiber optic cable
_ long distances at high speeds
_ glass or plastic threads
_ carries data as pulses of light
_ immune to electromagnetic interference and lightning, no copper to corrode; harder to tap without detectable signal loss, so more secure than copper
_ single mode cable - narrow core (about 9 µm) carries a single light path, so little dispersion; tens of kilometres per run (with amplification, runs under the ocean between continents); laser transceivers, more expensive
_ multi mode cable - wider core (50 or 62.5 µm) carries many light paths that spread out over distance; cheaper LED/VCSEL transceivers; a few hundred metres (roughly <= 500 m, less at 10 Gbps); used within a building or campus LAN
Fiber optic connectors
_ ST - "straight tip" connector (bayonet); common with multimode until the mid 2000s; replaced by LC
_ SC - "subscriber connector" (also read as "standard connector"); push-pull; larger than LC
_ LC - "lucent connector"; half the size of SC, so more ports per unit of panel space; most common today
Coax cable
_ copper core inside an insulator, surrounded by a braided metal shield and an outer jacket
_ the shield blocks electromagnetic interference and keeps the signal from radiating out
_ used by cable TV and cable internet companies (75 ohm)
RG-6
_ coax cable
_ connects a satellite dish or cable drop to a TV or cable modem
_ modern; thicker core and lower loss (higher usable bandwidth) than RG-59
RG-11
_ coax cable
_ thick centre conductor, with shielding
_ lowest loss, so used for long runs (e.g. trunk lines)
_ stiff; doesn't bend well
Crossover cable
_ connects two devices of the same type directly to each other (e.g. PC to PC, switch to switch)
_ transmit pair of one end is wired to the receive pair of the other (one plug wired T568A, the other T568B)
_ not much used any more: modern NICs and switches detect the wiring and swap pairs themselves (Auto-MDI-X)
Patch cable
_ short straight-through cable connecting a device to a wall outlet, patch panel or switch port
_ looks identical to a crossover cable from the outside (both are UTP); only the pin order differs, so check the pinout on both plugs
Ethernet standards
_ 802.3*
Wi-Fi standards
_ 802.11*
_ 802.11i - published in 2004; the basis of WPA2 (AES-CCMP), replacing WPA (TKIP)
_ 802.11-2016 (incorporating SAE from 802.11s) - SAE (simultaneous authentication of equals), a password-authenticated key exchange used by WPA3-Personal; the passphrase is still shared, but a captured handshake no longer allows an offline dictionary attack, and each session has forward secrecy
_ 802.11w - protected management frames (integrity-protected deauthentication/disassociation, so they can't be spoofed to kick clients off); required for WPA3
Wireless networking general rules
_ the higher the frequency, the more bandwidth is available, but the shorter the distance it travels and the worse it penetrates walls
_ 2.4 GHz and 5 GHz bands are unlicensed (ISM/U-NII), not unregulated: anyone may transmit without a licence, within regulated power limits
_ many devices (microwave ovens, cordless telephones, Bluetooth, etc.) operate in the 2.4 GHz range and produce interference
MAC
_ media access control
_ a MAC address is the data link layer (layer 2) address of a network interface; 48 bits written as six hex bytes, e.g. 00:1a:2b:3c:4d:5e; only meaningful on the local segment and easily changed in software
IP address
_ network layer (layer 3) address; routable between networks
ICMP
_ Internet Control Message Protocol
_ network layer; carries errors and diagnostics (echo request/reply, destination unreachable, time exceeded); used by ping and traceroute
ping
_ sends an ICMP echo request to a host and listens for an echo reply
_ reports round-trip time (latency) and packet loss
_ times out if no response, indicating either connectivity issues or a firewall dropping ICMP (many hosts block ping, so no reply does not prove the host is down)
_ -c n sets the ping count on Linux/macOS (-n n on Windows, where the default is 4)
_ can ping using IP or FQDN (fully-qualified domain name) or short name
traceroute/tracert
_ command
_ traces the route an IP packet takes to a destination by sending probes with TTL 1, 2, 3, ...; each router that decrements the TTL to zero returns an ICMP Time Exceeded, which reveals its address
_ displays each hop's (router's) IP address and latency; hops that don't answer show as *
_ traceroute on Linux (UDP probes by default; -I for ICMP); tracert on Windows (ICMP echo)
_ can help show where a ping is failing
_ classic traceroute needs raw sockets, i.e. root or setuid
tracepath
_ command
_ like traceroute, shows the path of a packet from source to destination, and also reports the path MTU
_ doesn't need superuser privileges
ipconfig/ifconfig
_ ipconfig on Windows
_ ifconfig on Linux/UNIX (deprecated on Linux in favour of ip addr / ip link)
_ shows the current TCP/IP configuration of each interface on a machine
_ provides IP, subnet mask, default gateway for each network adapter
_ ipconfig shows even disabled adapters, ifconfig only shows enabled interfaces (ifconfig -a shows all)
_ ipconfig /all also shows MAC address, DHCP status, lease info, DNS servers
_ ipconfig /release drops the DHCP lease; ipconfig /renew requests a new one
ARP
_ address resolution protocol
_ maps an IP address to a MAC address on the local segment; the arp command displays the IP-to-MAC mappings in the ARP cache (arp -a; on Linux also ip neigh)
_ addresses are discovered by broadcasting "who has 10.0.0.1?" and caching whoever replies
_ arp -s adds a static entry, arp -d deletes one
_ ARP broadcasts don't cross routers; for a destination outside the local subnet the host ARPs for the default gateway instead, so the cache holds the router's MAC for all off-subnet traffic
_ no authentication: any host on the segment can answer with a forged reply (ARP spoofing/poisoning) and sit in the middle; static entries or dynamic ARP inspection on the switch mitigate this
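Because ARP replies are unauthenticated, the cache is worth checking for the two classic poisoning signs: one MAC claiming several IPv4 addresses, and the gateway's entry pointing at a MAC other than the one it had yesterday. The following is an added example (not from the original flashcards) that parses neighbour-table lines in the format printed by ip neigh show on Linux; the lines themselves are constructed, and the gateway address and "known good" MAC are assumptions for the scenario.

```python
"""Check an ARP/neighbour table for spoofing indicators.

Added example, not from the original flashcards. SAMPLE_NEIGH is constructed
in the format of `ip neigh show` on Linux; the gateway (10.0.0.1) and its
expected MAC are assumptions for this scenario.
"""
import re
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

SAMPLE_NEIGH = """\
10.0.0.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
10.0.0.7 dev eth0 lladdr 00:11:22:33:44:55 STALE
10.0.0.20 dev eth0 lladdr aa:bb:cc:dd:ee:01 REACHABLE
10.0.0.21 dev eth0 lladdr aa:bb:cc:dd:ee:02 DELAY
fe80::1 dev eth0 lladdr 00:11:22:33:44:55 router REACHABLE
"""

# <ip> dev <iface> lladdr <mac> [flags...] <STATE>
LINE_RE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9A-Fa-f:]{17}) .*?(\S+)$")


def parse_neigh(text: str) -> List[Dict[str, str]]:
    """Entries with a resolved MAC; FAILED/INCOMPLETE lines have no lladdr and are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append({"ip": m.group(1), "dev": m.group(2),
                            "mac": m.group(3).lower(), "state": m.group(4)})
    return entries


def find_duplicate_macs(entries) -> Dict[Tuple[str, str], List[str]]:
    """One MAC answering for several IPv4 addresses on the same interface.

    IPv6 entries are ignored: a router legitimately has v4 and v6 addresses
    on one MAC. Legitimate v4 duplicates also exist (VRRP/HSRP virtual IPs,
    proxy ARP), so treat this as a lead, not a verdict."""
    by_mac = defaultdict(set)
    for e in entries:
        if ":" not in e["ip"]:
            by_mac[(e["dev"], e["mac"])].add(e["ip"])
    return {k: sorted(v) for k, v in by_mac.items() if len(v) > 1}


def gateway_changed(entries, gateway_ip: str, expected_mac: str) -> Optional[str]:
    """The default gateway's entry is the highest-value target for poisoning:
    every off-subnet packet goes to whatever MAC the cache holds for it.
    Returns the unexpected MAC, or None if the entry matches (or is absent)."""
    for e in entries:
        if e["ip"] == gateway_ip and e["mac"] != expected_mac.lower():
            return e["mac"]
    return None


def report(text: str, gateway_ip: str, expected_mac: str) -> List[str]:
    entries = parse_neigh(text)
    findings = []
    for (dev, mac), ips in find_duplicate_macs(entries).items():
        findings.append("%s: MAC %s claims %s" % (dev, mac, ", ".join(ips)))
    bad = gateway_changed(entries, gateway_ip, expected_mac)
    if bad:
        findings.append("gateway %s now resolves to %s (expected %s)"
                        % (gateway_ip, bad, expected_mac))
    return findings


if __name__ == "__main__":
    for f in report(SAMPLE_NEIGH, "10.0.0.1", "00:11:22:33:44:55"):
        print("finding:", f)
```

In the sample table the gateway still has its expected MAC, but that same MAC also answers for 10.0.0.7, which is either a legitimate virtual IP or a host on the segment impersonating the router; the ARP cache alone cannot say which, so the next step is to look at the switch's MAC table or capture the ARP replies.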
netstat
_ network statistics command
_ shows active connections and listening ports (netstat -an; -b on Windows or -p on Linux adds the owning program); ss replaces it on modern Linux
_ useful for spotting unexpected listeners and for capacity management
_ netstat -r displays the routing table; netstat -s shows per-protocol statistics
nslookup
_ shows limited DNS info
_ displays name-to-IP-address mappings (and reverse lookups); -type=MX etc. for other record types
dig
_ domain information groper (command)
_ queries DNS name servers
_ shows the full DNS response (answer, authority and additional sections, TTLs, flags)
_ troubleshoots DNS problems; e.g. dig @8.8.8.8 example.com A
_ replacement for nslookup
whois
_ shows who owns a domain or a block of IP addresses
route
_ command (ip route on modern Linux)
_ shows the routing table of the local host
_ used by the host to determine where to send each packet: the most specific matching prefix (longest prefix match) wins
_ 0.0.0.0/0 (shown as "default") matches anything not covered by a more specific route; its next hop is the default gateway
_ add or remove routes (needs administrator/root)
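Longest-prefix match is what makes 0.0.0.0/0 a fallback rather than a catch-all, and it is also why an injected more-specific route (from a rogue DHCP server, a VPN that pushes routes, or an attacker with local admin) silently hijacks traffic. The following is an added example (not from the original flashcards) that parses a small routing table in the format printed by ip route on Linux and performs the lookup; the table and addresses are constructed for the scenario.

```python
"""Route lookup the way a host's routing table does it: longest prefix wins.

Added example, not from the original flashcards. SAMPLE_ROUTES is constructed
in the format of `ip route show` on Linux; the addresses are assumptions.
"""
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

SAMPLE_ROUTES = """\
default via 10.0.0.1 dev eth0
10.0.0.0/24 dev eth0 scope link
10.0.5.0/24 via 10.0.0.254 dev eth0
192.168.50.0/24 dev wg0 scope link
"""

Route = Tuple[object, Optional[str], str]   # (network, next hop or None, interface)


def parse_routes(text: str) -> List[Route]:
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        prefix = "0.0.0.0/0" if parts[0] == "default" else parts[0]
        via = parts[parts.index("via") + 1] if "via" in parts else None
        dev = parts[parts.index("dev") + 1]
        routes.append((ip_network(prefix), via, dev))
    return routes


def lookup(routes: List[Route], dst: str) -> Optional[Dict[str, str]]:
    """Return the most specific route containing dst, or None if nothing matches
    (which can only happen when there is no default route)."""
    addr = ip_address(dst)
    best = None
    for net, via, dev in routes:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, via, dev)
    if best is None:
        return None
    net, via, dev = best
    # No "via" means the destination is on-link: ARP for it directly
    return {"prefix": str(net), "next_hop": via or "on-link", "dev": dev}


def next_hop_after_injection(routes: List[Route], injected: str, dst: str) -> str:
    """Add one more-specific route (as a rogue DHCP option or VPN push would)
    and show where dst goes afterwards; the default route is untouched."""
    hijacked = routes + parse_routes(injected)
    return lookup(hijacked, dst)["next_hop"]


if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTES)
    for dst in ("10.0.0.42", "10.0.5.9", "8.8.8.8", "192.168.50.3"):
        print(dst, "->", lookup(table, dst))
    print("8.8.8.8 after injecting 8.8.8.0/24 ->",
          next_hop_after_injection(table, "8.8.8.0/24 via 10.0.0.66 dev eth0", "8.8.8.8"))
```

Note that the injected 8.8.8.0/24 route wins over the default route without changing the gateway at all, which is why "the default gateway looks right" is not enough when checking a host's routing; review the whole table.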
scp
_ secure copy protocol command
_ copies files over SSH (TCP port 22), so authentication and transfer are encrypted
ftp
_ FTP is unencrypted: credentials and data travel in cleartext (TCP port 21 for control, separate data connection)
_ FTPS is FTP wrapped in SSL/TLS (the same protocol HTTPS uses); distinct from SFTP, which is file transfer over SSH
_ uses TCP for reliability
_ suited to transfers over links where errors or loss may occur, since TCP retransmits
SSL vs TLS
_ secure sockets layer
_ transport layer security
_ SSL 2.0 and 3.0 have known design weaknesses (e.g. POODLE against SSL 3.0) and are deprecated; TLS replaced SSL, and TLS 1.2/1.3 are what should be used today
_ both use asymmetric cryptography (RSA or (elliptic-curve) Diffie-Hellman) to agree on a symmetric session key, then a symmetric cipher for the bulk data; asymmetric operations are computationally expensive, symmetric ones are fast
tftp
_ trivial file transfer protocol
_ transfers files between client and server over UDP (port 69); UDP itself does not retransmit, so TFTP uses its own lock-step acknowledgement of each 512-byte block
_ no authentication or encryption; useful on reliable local networks, e.g. PXE boot and network device firmware/config
finger
_ displays info about one or more users on a remote system (TCP port 79)
_ shows username and last login; leaks account names to anyone who asks, so normally disabled
nmap
_ network mapper command
_ scans networks for hosts and open ports (and, with -sV / -O, service and OS versions)
_ used to see what is deployed
_ helpful for vulnerability analysis
_ not native to any OS, but downloadable
tcpdump
_ displays TCP/IP and other packets on the network
_ a form of protocol analyzer (aka packet sniffer)
_ shows packets in human-readable form for troubleshooting or security analysis; -w writes a pcap file for Wireshark
_ ships with macOS and many Linux distributions (not Windows); capturing needs root or capture privileges
telnet/ssh
_ SSH = secure shell; encrypted (TCP port 22)
_ telnet = unencrypted (TCP port 23); credentials are visible to any sniffer on the path
_ manage accounts and devices remotely
PAN
_ personal area network
_ within 20-30 m
_ around a person and their devices
_ often via Bluetooth or USB
_ can act as a gateway to the Internet
_ e.g. Apple products
LAN
_ local area network
_ emerged in research labs in the 1970s (Ethernet, Xerox PARC, 1973)
_ supported TCP/IP in the 1980s
_ can be wireless via Wi-Fi
_ uses router or switch to manage traffic
WLAN
_ wireless LAN
_ can act as a gateway to the internet
SAN
_ storage area network
_ gives servers access to storage devices
_ typically dedicated to storage devices
_ reduces interference with regular LAN traffic
_ might use non-traditional protocols
CAN
_ campus area network
_ networks multiple LANs over a limited area
_ each LAN usually limited to a single building or part of a building
_ like a WAN, but smaller geographic area
_ one entity usually owns all the LANs
_ routers connect each LAN
MAN
_ metropolitan area network
_ intermediate in size between a CAN and a WAN
_ e.g. a city or metro area
_ connects LANs owned by different organizations
_ usually higher speed than would be available via WAN
_ usually connected to a WAN
WAN
_ wide area network
_ e.g. the internet
_ technically, a network spanning a large geographic area (cities, countries)
_ in practice, a network that connects smaller networks (LANs) over leased lines, MPLS or the internet
_ organizations may use private WANs to minimize risk (e.g. banks)
peer-to-peer
_ aka P2P
_ every machine can act as client or server
_ e.g. Bitcoin, Tor
Bus topology
_ a line of devices connected by a shared cable
_ no longer common for LANs (e.g. 10BASE2 "thinnet"); cable TV coax distribution is the surviving example
_ ends of the cable must be terminated with special resistors; absent them, the signals bounce back along the wire causing signal reflection and loss of communication
_ the network is divided into segments that can be extended with repeaters
_ half-duplex
_ all computers see all traffic; the more devices, the more collisions, and throughput degrades quickly
_ when collisions occur, all devices must wait for the line to clear (CSMA/CD)
_ a break in the cable renders the whole network unusable
Half-duplex mode
_ send or receive, but not both at once
_ only one device at a time
Ring topology
_ a token passes around the ring indicating who can use the cable next
_ the device with the token does some quick communication and can continue that communication the next time it receives the token
_ rather than a single shared cable, one cable between each pair of neighbours; each device forwards frames to the next
_ more reliable than bus topology (no collisions), but like bus topology, any break in the cable breaks the network
Dual ring topology
_ more reliable than a single ring
_ each computer has two network cards, one per ring, with traffic flowing in opposite directions
_ if both rings are cut at the same point, the nodes on either side of the break wrap one ring onto the other, turning the network into a single working ring
_ common in fiber optic networks, such as SONET (synchronous optical network) and FDDI
Star topology
_ aka hub-and-spoke network
_ a central device (e.g. an Ethernet switch) separately connects to each device on the network
_ most common LAN configuration
_ cables can be run through walls because they don’t need to go from computer to computer
_ break in one cable only affects one device
_ central switch is a single point of failure
_ some WANs use star topology to connect remote offices to a central location
Mesh topology
_ full mesh = each node is connected to all other nodes
_ partial mesh = each node connects to a subset of other nodes
_ end points in mesh typically use Wi-Fi or radio signals so there aren’t a lot of wires
_ routers can be wired in mesh to optimize traffic
_ used for high availability
_ if one node fails, connections are easily rerouted (aka “self-healing network”)
_ e.g. the internet; wireless networks at home
Pros of centralization
_ can make sophisticated apps available on low-memory, low-clock-cycle devices
_ can scale processing power as a function of need, not limited by the power of the end point
_ can more easily secure all the data
_ can more easily back up all the data
_ data lives in one place in one format, so nodes don't need to be compatible with each other
Pros of decentralization
_ can operate without a network connection
_ no single point of failure affecting everyone
_ (not listed, but can’t be controlled by a few people)
Benefits of virtualization
_ readily install new (virtual) devices without needing more hardware
_ move (virtual) devices without physically moving them
_ increase app reliability by eliminating its dependence on hardware
_ create whole app point-in-time snapshots for backup and recovery purposes
_ change the computing, storage, and networking resources of the device dynamically as needed
_ improved hardware utilization (previously, servers usually operated at 5%-15% utilization)
hypervisor
_ software that enables virtual hardware/machines
_ can be, but need not be, an OS in itself (the “host” OS)
_ the software emulates the hardware
_ “guest” OSs run on the virtual hardware
_ e.g. VMware, Microsoft Hyper-V, Linux KVM, Citrix XenServer
Type 1 hypervisor
_ aka "bare-metal" hypervisor
_ an OS that dedicates the machine to virtualization
_ very little local UI; administered from another computer via a web portal or management client
_ e.g. VMware ESXi, Microsoft Hyper-V, Xen, Linux KVM (a kernel module that turns the Linux kernel into the hypervisor)
Type 2 hypervisor
_ aka "hosted" hypervisor
_ installed as an app on top of an existing OS
_ performance penalty for the extra level of indirection
_ e.g. VMware Workstation, VMware Fusion, Oracle VirtualBox, Parallels Desktop (Hyper-V is type 1 even on Windows desktops: the host OS runs as a parent partition on top of it)
Benefits of cloud computing
_ on-demand
_ self-service
_ resource pooling
_ elastic
_ accessible
_ measurable (charged for resources consumed)
_ global reach (some sites are slow from other countries)
Examples of cloud computing platforms
_ Amazon AWS
_ Google GCP (Google Cloud Platform)
_ Microsoft Azure
Cloud service models
_ IaaS - infrastructure as a service
_ PaaS - platform as a service
_ SaaS - software as a service
_ generically, XaaS, for anything shared as a service (directory service, backup, database – DBaaS)
IaaS
_ infrastructure as a service
_ access to (virtualized) servers, storage, networking
_ offers virtual machines, server virtualization, storage virtualization, network virtualization
_ shared responsibility: the provider runs the hardware, hypervisor and physical network; the customer is responsible for the OS, patching, firewall rules and data
_ the provider doesn't protect the customer from the consequences of a single hardware failure: backups and redundancy (e.g. across availability zones) are normally the customer's job
Lift-and-shift approach
_ moving on-premise operations into the cloud
_ doesn’t take full advantage of the cloud, because it’s basically a transfer of local operations
VPC
_ virtual private cloud network
_ a logically isolated network inside a public cloud provider, with its own address range, subnets, route tables and firewall rules (security groups / network ACLs)
_ one per customer, or one per environment, e.g. to isolate testing from production
PaaS
_ platform as a service
_ the cloud provider provides virtual servers and services
_ frees the developer from managing scaling and storage
_ e.g. web hosting
SaaS
_ software as a service
_ pretty much any network-based app
Private cloud
_ company owns and runs the cloud computing equipment, although it may be “co-located” (“co-lo”) in someone else’s data center
_ sometimes required for regulatory reasons, depending on what the company does
Public cloud
_ cloud provider company maintains the hardware for other companies
_ the provider is sometimes able to provide better security than private customers can manage or afford
_ multi-tenant
Community cloud
_ cloud jointly owned and operated by its tenants
_ sometimes done by universities or governments
_ cloud is “semi-private” for each tenant
_ everyone shares maintenance and management
Hybrid cloud
_ combination private/public cloud
_ usually when a private company extends their in-house data centers via a public cloud
_ useful for extra resources from public cloud when needed
_ useful for isolating regulated functions in private cloud
_ the private cloud connects to the public cloud via VPN (over the internet) or a telecom’s WAN
multi-cloud
_ leveraging multiple cloud providers
_ done for different functions, for redundancy and flexibility, or to minimize expenses for certain functions