NET 330 W1 Notes - Oliver-Mustoe/Oliver-Mustoe-Tech-Journal GitHub Wiki

NOTE: Information on this page is intended as notes and does contain text copied and pasted from readings/online sources. I do not claim to own this information, I have simply captured it for my studying needs.
Below are notes taken during/after class 8/29/22:

Filename: D1 -- 8/29/22

Dartmouth has 1,00 subnets, why:

  1. Data centers have hundreds, dev, payroll, academic, labs etc. (for segmentation and security)

DHCP with many subnets, how?

How to use NAT (network address translation) effectively

IPv4 is limited - 32 bits, MAC is 48, IPv6 is 128

IPv4 has 3 billion usable addresses

Segmentation, load balancing, VPN, in network design for security

Site-to-site VPNs

IPv6

Google QUIC = secure UDP-style communication, "Overview. QUIC (Quick UDP Internet Connections) is a new transport protocol for the internet, developed by Google. QUIC solves a number of transport-layer and application-layer problems experienced by modern web applications, while requiring little or no change from application writers." - link

IOT (internet of things) - driving demand

Cell phones

Home networks and cellular driving IPv6

INSTALL PACKET TRACER 8.1.1!!!

OSI MODEL

Sending a Letter:

  1. Look up recipient address
     a. Phone book? Other directory?
     b. Get zip code and street address

  2. Put in addressed envelope
     a. Write recipient and return address on envelope

  3. Put letter in mailbox

  4. Mail carrier picks letter up
     a. Takes letter to local post office

  5. Post office sorts and sends to next PO facility
     a. Uses zip code

  6. How does PO know where to send next?
     a. Postal Service has "routing lists"

  7. Ends up at local PO of recipient

  8. Mail carrier delivers to recipient
     a. Uses street address

NOTE: POs can look at the first number of the ZIP code to know where to send next (not the exact final place, more the next jump toward the right place) via routing lists

Sending a Packet:

  1. Look up recipient address

  2. Domain Name system (DNS)

  3. Convert Hostname to IP address

  4. Add "headers" to data (encapsulate)

  5. Prepend bits for recipient and sender IP address to data

  6. Send packet to network interface controller (NIC)

  7. Transmits onto network

  8. Sent to local router (aka default gateway)

  9. Router sends packet to next router

  10. Uses Network part of IP address

  11. How does the router know where to send next?

  12. "Routing table" of IP networks

  13. Ends up at local router of recipient

  14. Router and switches send to recipient

  15. Host uses MAC and IP address

"grandma@aol.com" breakdown

  1. Grandma → Mailbox

  2. Aol.com → Translates to mail server → IP address

nslookup = DNS lookup (has different types of records: A = name to IP address, PTR = reverse lookup, MX = mail exchanger)

Multiple addresses are for load balancing

Most routing tables have next hop

Traceroute sends a packet with a TTL (Time to Live) of 1 to get responses from hosts

Layer 7 has URL of web request

Layer 4 has port numbers, TCP/UDP

Layer 3 has IP addresses

Layer 2 has MAC address

Layer 1 is the medium itself

ARP = Layer 2, IP address to MAC address translation

Firewalls that filter traffic on address and port operate at layers 3 & 4

Firewalls that filter traffic based on URL operate at layer 7

WHEN MY COMPUTER BUILDS A PACKET AND IT GETS TO THE DESTINATION, HEADERS ARE CHANGING!!! AT EVERY HOP HEADERS CHANGE, LIKE MAC ADDRESSES CHANGE, NAT GATEWAY CHANGES

CONSTANT CHANGE IN THE PROCESS

After Class

"Binary ANDing is the process of performing multiplication to two binary numbers. In the decimal numbering system, ANDing is addition: 2 and 3 equals 5. In decimal, there are an infinite number of answers when ANDing two numbers together. However, in the binary numbering system, the AND function yields only two possible outcomes, based on four different combinations. These outcomes, or answers, can be displayed in what is known as a truth table:

You use ANDing most often when comparing an IP address to its subnet mask. The end result of ANDing these two numbers together is to yield the network number of that address.

Question 1

What is the network number of the IP address 192.168.100.115 if it has a subnet mask of 255.255.255.240?

Answer

Step 1 Convert both the IP address and the subnet mask to binary:

192.168.100.115 = 11000000.10101000.01100100.01110011

255.255.255.240 = 11111111.11111111.11111111.11110000

Step 2 Perform the AND operation to each pair of bits -- 1 bit from the address ANDed to the corresponding bit in the subnet mask. Refer to the truth table for the possible outcomes:

192.168.100.115 = 11000000.10101000.01100100.01110011

255.255.255.240 = 11111111.11111111.11111111.11110000

ANDed result = 11000000.10101000.01100100.01110000

Step 3 Convert the answer back into decimal:

11000000.10101000.01100100.01110000 = 192.168.100.112" - Link
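The ANDing steps from Question 1, as an added example that is not part of the original notes or the quoted source. It goes a little further than the question: it rejects non-contiguous masks, derives the broadcast address, and uses the network number to test whether two hosts share a subnet. The function names and the .126 and .130 host addresses are constructed for illustration.

```python
def to_octets(dotted):
    """Parse dotted-decimal into four ints, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 value: {dotted!r}")
    return [int(p) for p in parts]

def to_binary(dotted):
    """Render the value the way the notes do: 8 bits per octet."""
    return ".".join(f"{o:08b}" for o in to_octets(dotted))

def check_mask(mask):
    """A valid subnet mask is a run of 1s followed only by 0s."""
    bits = "".join(f"{o:08b}" for o in to_octets(mask))
    if "01" in bits:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bits.count("1")              # prefix length, 28 for 255.255.255.240

def network_number(ip, mask):
    """AND each address octet with the matching mask octet."""
    check_mask(mask)
    return ".".join(str(a & m) for a, m in zip(to_octets(ip), to_octets(mask)))

def broadcast_address(ip, mask):
    """Keep the network bits and set every host bit to 1."""
    check_mask(mask)
    return ".".join(str(a | (~m & 0xFF))
                    for a, m in zip(to_octets(ip), to_octets(mask)))

def same_subnet(ip_a, ip_b, mask):
    """Two hosts share a subnet when both AND to the same network number."""
    return network_number(ip_a, mask) == network_number(ip_b, mask)

if __name__ == "__main__":
    ip, mask = "192.168.100.115", "255.255.255.240"   # values from Question 1
    print(to_binary(ip))
    print(to_binary(mask))
    print("network  :", network_number(ip, mask))
    print("broadcast:", broadcast_address(ip, mask))
    # Constructed peers: .126 is inside the /28, .130 is in the next one.
    for peer in ("192.168.100.126", "192.168.100.130"):
        print(peer, "same subnet:", same_subnet(ip, peer, mask))
```

A host makes the same comparison before sending: a destination on a different network number goes to the default gateway instead of directly onto the local segment.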

"Network address translation is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device." Wikipedia

Good website for Wireshark http://networkstatic.net/what-are-ethernet-ip-and-tcp-headers-in-wireshark-captures/
Referencing picture below

  1. Ethernet II -- Layer 2

  2. IP Header -- Layer 3

  3. TCP Header -- Layer 4. I left out UDP since connectionless headers are quite simpler, e.g. Source Port, Destination Port, Length and Checksum.


Filename: Week 1 - Required Reading

OTHER

  • A network interface card (NIC) is a hardware component without which a computer cannot be connected over a network. It is a circuit board installed in a computer that provides a dedicated network connection to the computer. It is also called network interface controller, network adapter or LAN adapter.

  • Quality of service (QoS) is the use of mechanisms or technologies that work on a network to control traffic and ensure the performance of critical applications with limited network capacity. It enables organizations to adjust their overall network traffic by prioritizing specific high-performance applications.

  • A datagram is a basic transfer unit associated with a packet-switched network. Datagrams are typically structured in header and payload sections. Datagrams provide a connectionless communication service across a packet-switched network. The delivery, arrival time, and order of arrival of datagrams need not be guaranteed by the network. 

  • The datagram represents a data unit of transfer in networking. Data transmitted in a network is divided into smaller parts called datagrams. 

  • While TCP uses packets in connection-oriented protocols, datagrams are used in UDP, making them carry less information since they don't need to have a response message from the destination.

  • While communicating through networks it's important to send and receive files and information. The basic unit of communication between a source and a destination in a network is a packet.

10.1 Network Layer Overview

  • Why do we need both the network and link layers? Why not just have one or the other? The answers to these questions involve three issues: (1) performance, (2) security and (3) cost.

  • When there is only a Link layer and no Network layer, broadcast storms impact performance and security. With a router and layer 2 switch, the network can be split into subnets and address all of these problems.

  • "Divide and conquer" is the methodology for handling packet switching.

  • Each layer 2 switch only handles the switching of a subnet and each router only handles the switching among subnets

  • Routers are separated into two categories: interior gateway and exterior gateway. The former is inside a domain while the latter is outside. Interior gateway routing is performed by campus class routers, while exterior gateway routing is accomplished by carrier class routers.

  • The network layer performs two critical functions: (1) routing and (2) forwarding.

  • These operations are much like a traveler going from home to a destination. The routing is performed by airlines and published as airline timetables containing flight schedules, fleet, in-flight entertainment, and food menu. A traveler can plan the trip from source to destination and reserve flights using airline timetables. The forwarding is analogous to the traveler moving from one flight to another in the airport using flight tables displayed on monitors.

10.2 Connection-Oriented Networks

  • Virtual circuits [1] provide a path from source to destination in a manner that mimics a telephone circuit.

  • There are a number of salient characteristics that define these circuits. For example, call setup and teardown are necessary before data can flow; packets/cells are always received in order; packets carry a VC identifier rather than a destination host IP address; every router/switch on the source-to-destination path maintains state information for each connection; and the link and router resources, including bandwidth and buffers, are allocated for prioritized traffic.

  • Virtual circuits provide a link from source interface to destination interface.

  • The forwarding tables in a router/switch along this path are established either by permanent virtual circuits (PVCs) or switched virtual circuits (SVCs), which use a signaling scheme for call setup.

  • VCIs can be changed on each link/hop. This new VCI is produced by the forwarding table, and is analogous to a traveler's flight number on each ticket.

  • The management of multiple VCs with the same starting and ending switches is simplified by grouping them together to form a virtual path (VP), which has a virtual path identifier (VPI).

  • An input cell with a VPI/VCI = 2/4 in the cell header appears at input port 7. The routing table for this port indicates that the cell should be routed to output port 5, also indicated by the solid line of the cell flow in the switch. The VPI/VCI translation table for output port 5 provides the necessary modification of the VPI/VCI for this cell. In this case, the translation table modifies the VPI/VCI of 2/4 for this switch to a VPI/VCI of 6/4 in the cell header for the next switch's input port, which is not shown here.

  • This process is analogous to a traveler within an airport in that the port 7 corresponds to the incoming gate, 2/4 corresponds to the incoming flight number, port 5 corresponds to the outgoing gate, and 6/4 corresponds to the outgoing flight number. In an airport, a monitor is used to display the flight information, including gate number and flight number. This flight information is analogous to the switch tables of an ATM switch.

10.3 Connectionless Datagram Forwarding

10.6 The IPv4 Header

  • The length of the IP header is a multiple of 32 bits and, in the absence of options, an IP header is typically 20 bytes in length.

  • This section should be useful for the wireshark!!!
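A decoder for the three headers Wireshark shows (Ethernet II, IP, TCP, listed in the class notes earlier) that also applies the header-length rule from this section. It is an added example, not from the reading or the linked site. The frame is constructed: the MAC addresses, ports and sequence number are made up, and the IPv4/TCP checksums are left at 0.

```python
import socket
import struct

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_sample_frame(ip_options=b""):
    """Constructed sample: TCP SYN, 192.168.100.115:49152 -> 131.204.1.1:80."""
    ihl = 5 + len(ip_options) // 4           # IHL is counted in 32-bit words
    eth = bytes.fromhex("66778899aabb001122334455") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + 20, 1, 0, 64,
                     6, 0,                    # protocol 6 = TCP; checksum left at 0
                     socket.inet_aton("192.168.100.115"),
                     socket.inet_aton("131.204.1.1"))
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0, (5 << 12) | 0x002,
                      65535, 0, 0)            # data offset 5 words, SYN flag
    return eth + ip + ip_options + tcp

def parse_frame(frame):
    """Decode the Ethernet II, IPv4 and TCP headers of one raw frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet II header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": mac(dst), "src_mac": mac(src), "ethertype": ethertype}
    if ethertype != 0x0800:                   # not IPv4: stop at layer 2
        return out
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total, _, _, ttl, proto, _, s, d = struct.unpack(
        "!BBHHHBBH4s4s", ip[:20])
    ip_len = (ver_ihl & 0x0F) * 4             # header length in bytes
    if ver_ihl >> 4 != 4 or ip_len < 20 or len(ip) < ip_len:
        raise ValueError("bad IPv4 version or header length")
    out.update(src_ip=socket.inet_ntoa(s), dst_ip=socket.inet_ntoa(d), ttl=ttl,
               protocol=proto, ip_header_len=ip_len, total_len=total)
    tcp = ip[ip_len:]                         # skips any IPv4 options
    if proto != 6 or len(tcp) < 20:
        return out                            # no complete TCP header to read
    sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    out.update(src_port=sport, dst_port=dport, seq=seq,
               syn=bool(off_flags & 0x002), tcp_header_len=(off_flags >> 12) * 4)
    return out

if __name__ == "__main__":
    for opts in (b"", b"\x01\x01\x01\x01"):   # second frame carries 4 NOP option bytes
        print(parse_frame(build_sample_frame(opts)))
```

The second frame is the case the 20-byte figure hides: with options present the TCP header starts at byte 24 of the IP packet, so a layer 3/4 filter that assumes a fixed offset reads the wrong bytes as port numbers.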

10.9.1 Network Interface and IP address

  • An IPv4 address is a 32-bit identifier for a host or router interface. Although the IPv4 address is listed for convenience as a 4-byte decimal number, e.g., 131.204.1.1, it is the corresponding binary number, i.e., 10000011 11001100 00000001 00000001

  • In this case, the interface is a network module (or NIC) with one physical link. Client hosts typically have one interface, while routers typically have at least two. Servers may have one or more interfaces. There is one IP address and one MAC address associated with each interface.

10.9.2 Subnet

  • Traditionally, the gateway of each subnet has a host part (or host ID) = 1. For example, 131.204.1.1 is the gateway of subnet 131.204.1.0, where the host ID = 0 represents the subnet and cannot be used to represent any interface.

10.9.3 Network ID, Subnet ID and Host ID

  • There are special addresses that are used for particular purposes. For example, the addresses 127.0.0.0 through 127.255.255.255 are used by local hosts for loopback purposes. The adapter/NIC intercepts all loopback messages and returns them to the sending application.

10.9.4 Private IP Addresses

  • There are a number of private IP addresses that compensate for the shortage of IPv4 addresses. The IP standard specifies certain address ranges for Classes A, B, and C that are reserved for use by private networks.

  • Private IP addresses are blocked by the firewall of the ISP routers, but hosts residing behind a NAPT router are free to use the Private IP addresses. A NAT/NAPT capable router can perform the IP address translation that enables the public IP address sharing so that the datagrams heading to the Internet from a private-IP-address host use the public IP address as the source IP address.
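A minimal model of the NAPT translation described above, added here as an example and not taken from the reading. The class name, the public address 203.0.113.10 and the starting port 40000 are assumptions; timeouts, per-protocol tables and port exhaustion are left out.

```python
import ipaddress

class Napt:
    """Simplified NAPT: one public IP shared through per-flow port mappings."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port   # next unused public source port
        self.outbound_map = {}        # (private_ip, private_port) -> public_port
        self.inbound_map = {}         # public_port -> (private_ip, private_port)

    def translate_out(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a datagram leaving the private network."""
        if not ipaddress.ip_address(src_ip).is_private:
            raise ValueError(f"{src_ip} is not a private address")
        key = (src_ip, src_port)
        if key not in self.outbound_map:          # first packet of this flow
            self.outbound_map[key] = self.next_port
            self.inbound_map[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.outbound_map[key], dst_ip, dst_port)

    def translate_in(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply; None means the packet is dropped."""
        key = self.inbound_map.get(dst_port)
        if dst_ip != self.public_ip or key is None:
            return None                           # no mapping: unsolicited traffic
        return (src_ip, src_port, key[0], key[1])

def demo():
    """Constructed flows: two private hosts reach 131.204.1.1 on port 80."""
    nat = Napt("203.0.113.10")
    first = nat.translate_out("192.168.100.115", 49152, "131.204.1.1", 80)
    second = nat.translate_out("192.168.100.116", 49152, "131.204.1.1", 80)
    reply = nat.translate_in("131.204.1.1", 80, "203.0.113.10", first[1])
    unsolicited = nat.translate_in("131.204.1.1", 80, "203.0.113.10", 40005)
    return first, second, reply, unsolicited

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Both hosts use the same private source port, yet the server sees two distinct public ports. The packet aimed at port 40005 matches no mapping and is dropped, which is why hosts behind NAPT are not directly reachable from outside.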

10.9.5 Classless Inter-Domain Routing

  • Due to the shortage of Class A and B IP addresses, most organizations are allocated the use of multiple Class C IP addresses. The result is the routing table size is bloated by unnecessary entries that slow down the routers. Classless Inter-Domain Routing (CIDR) eliminates the class limitation resulting from the network ID.
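An added example (not from the reading) of what CIDR does to a routing table: several Class C-sized entries collapse into one prefix. It goes beyond the text by showing longest-prefix match, the rule a router uses to choose between an aggregate and a more specific entry. The prefixes and next-hop addresses are constructed.

```python
import ipaddress

def aggregate(prefixes):
    """Collapse adjacent networks into the fewest CIDR blocks that cover them."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def build_table(routes):
    """routes maps prefix -> next hop; store the longest prefixes first."""
    table = [(ipaddress.ip_network(p), hop) for p, hop in routes.items()]
    return sorted(table, key=lambda entry: entry[0].prefixlen, reverse=True)

def next_hop(table, destination):
    """Longest-prefix match: the most specific route containing the address wins."""
    addr = ipaddress.ip_address(destination)
    for net, hop in table:
        if addr in net:
            return hop
    return None                       # no matching route and no default route

# Constructed sample: eight contiguous Class C-sized networks.
CLASS_C_BLOCKS = [f"192.168.{i}.0/24" for i in range(8)]

# Constructed routing table; the next-hop addresses are hypothetical.
ROUTES = {
    "0.0.0.0/0": "10.0.0.1",          # default route
    "192.168.0.0/21": "10.0.0.2",     # the aggregate of the eight /24s
    "192.168.5.0/24": "10.0.0.3",     # a more specific exception
}

if __name__ == "__main__":
    print(aggregate(CLASS_C_BLOCKS))
    # Four /24s starting at .1 are not aligned, so they need three entries.
    print(aggregate([f"192.168.{i}.0/24" for i in range(1, 5)]))
    table = build_table(ROUTES)
    for dst in ("192.168.5.9", "192.168.2.9", "131.204.1.1"):
        print(dst, "->", next_hop(table, dst))
```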