study notes Flashcards
What are the 3 types of media converters?
1) Single mode fiber to twisted pair.
These powered converters change light signals from SMF cabling into electrical signals carried over a copper wire Ethernet network (and vice versa).
2) Multimode fiber to twisted pair.
A different media converter model is required to convert the light signals carried over MMF media.
3) Single mode to multimode fiber.
These passive (unpowered) devices convert between the two fiber cabling types.
What is a bridge?
An Ethernet bridge operates at the data link layer (layer 2) to connect separate physical network segments, allowing them to communicate as part of the same logical network while creating separate collision domains to improve network efficiency. This reduces the number of collisions caused by having too many nodes contending for access.
What is a switch?
An Ethernet layer 2 switch performs the same sort of function as a bridge, but in a more granular way and for many more ports than are supported by bridges. Each switch port is a separate collision domain. In effect, the switch establishes a point-to-point link between any two network nodes. This is referred to as microsegmentation .
What is a MAC address?
Each Ethernet network interface port has a unique hardware address known as the Media Access Control (MAC) address. This may also be referred to as the Ethernet address (EA) or, in IEEE terminology, as the extended unique identifier (EUI) . A MAC address is also referred to as a local or physical address.
Describe the ethernet frame format.
Preamble > Start Frame Delimiter(SFD) > Destination MAC > Source MAC > Ether Type>Payload > Frame Check Sequence (FCS)
Explain I/G bit
The I/G bit of a MAC address determines whether the frame is addressed to an individual node (0) or a group (1). The latter is used for broadcast and multicast transmissions. A MAC address consisting entirely of 1s is the broadcast address (ff:ff:ff:ff:ff:ff) and should be processed by all nodes within the same broadcast domain.
how many bits is a MAC address?
A MAC/EUI address is a 48 bit (6 byte) identifier. The format of the number differs depending on the system architecture. It is often displayed as 6 groups of 2 hexadecimal digits with colon or hyphen separators or no separators at all (for example, 00:60:8c:12:3a:bc or 00608c123abc) or as 3 groups of 4 hex digits with period separators (0060.8c12.3abc, for instance).
An EUI-64 is a 64-bit hardware address. A translation mechanism allows a 48-bit MAC address to be converted to an EUI-64. EUI-64 addresses can be used with IPv6.
Explain the Burned-In Address
The IEEE gives each card manufacturer a range of numbers, and the manufacturer hard codes every interface produced with a unique number from their range. This is called the burned-in address or the universal address. The first six hex digits (3 bytes or octets), also known as the Organizationally Unique Identifier (OUI), identify the manufacturer of the adapter. The last six digits are a serial number.
What is the standard Ethernet frame Max length?
A standard Ethernet frame has a maximum length of 1518 bytes, excluding the preamble. Each frame has an 18-byte header:
6-byte destination and source MAC address fields.
4-byte error checking field.
2-byte EtherType field.
The maximum size of the data payload is 1500 bytes. The upper limit of the payload is also referred to as the maximum transmission unit (MTU).
To comply with CSMA/CD, the minimum length of an Ethernet frame is 64 bytes, so the payload must be at least 46 bytes. If this is not the case, it is automatically padded with redundant data.
what does a packet sniffer do?
A sniffer captures frames moving over the network medium.
What are the three main options for connecting a sniffer to the appropriate point in the network?
SPAN (switched port analyzer)/mirror port-this means that the sensor is attached to a specially configured port on the switch that receives copies of frames addressed to nominated access ports (or all the other ports). This method is not completely reliable. Frames with errors will not be mirrored and frames may be dropped under heavy load.
Passive test access point ( TAP )-this is a box with ports for incoming and outgoing network cabling and an inductor or optical splitter that physically copies the signal from the cabling to a monitor port. There are types for copper and fiber optic cabling. Unlike a SPAN, no logic decisions are made so the monitor port receives every frame-corrupt or malformed or not-and the copying is unaffected by load.
Active TAP-this is a powered device that performs signal regeneration (again, there are copper and fiber variants), which may be necessary in some circumstances. Gigabit signaling over copper wire is too complex for a passive TAP to monitor and some types of fiber links may be adversely affected by optical splitting. Because it performs an active function, the TAP becomes a point of failure for the links in the event of power loss.
What is TCPDUMP?
tcpdump is a command-line packet capture utility for Linux, providing a user interface to the libpcap library. The basic syntax of the command is:
tcpdump -i eth0
tcpdump -i eth0 “src host 10.1.0.100 and (dst port 53 or dst port 80)”
What is the difference between a managed and unmanaged switch?
Unmanaged versus managed-On a SOHO network, switches are more likely to be unmanaged, standalone units that can be added to the network and run without any configuration. The switch functionality might also be built into an Internet router/modem. On a corporate network, switches are most likely to be managed. This means the switch settings can be configured. If a managed switch is left unconfigured, it functions the same as an unmanaged switch does.
What is the difference between a modular and fixed switch?
Modular versus fixed-A fixed switch comes with a set number of ports that cannot be changed or upgraded. A modular switch has slots for plug-in cards, meaning they can be configured with different numbers and types of ports.
What does it mean when a switch is stackable?
Switches that can be connected together and operate as a group. The switch stack can be managed as a single unit.
How do you configure a managed switch?
Configuration of a managed switch can be performed at a command line interface (CLI). Once you have established a connection to the switch’s management interface, you can configure settings for each of the switch port interfaces. These settings control the network link configured for each client device attaching to the switch.
what are the 3 priciple modes of Cisco IOS?
User EXEC mode-This is a read-only mode where commands can be used to report the configuration, show system status, or run basic troubleshooting tools.
Privileged EXEC mode/enable mode-This allows the user to reboot or shut down the appliance and to backup and restore the system configuration.
Global configuration mode-This allows the user to write configuration updates.
what command would you use to display the switches configuration?
“show config” displays the switch’s configuration. The startup configuration ( show startup-config ) could be different from the running configuration ( show running-config ). If there has been some undocumented change to the switch, using these commands and comparing the output may reveal the source of a problem.
