Thursday, November 27, 2014

Happy Thanksgiving

Happy Thanksgiving!

or...  slapsgiving...



Wednesday, November 26, 2014

Introduction to Networks (non-technical)

Rather than post my typical notes from a CCNA course, I figured I'd post a non-technical description of how networks "work".  I'm going to preface this by saying this is an "allegory" of TCP/IP layer 3.  This is not intended to be definitive.

So...

You have built a company.  It's a great company.  But no one can ever find your physical location.  You live on a drab, grey, boring street.  Did I mention grey? I meant every single building is nothing but grey concrete, and the streets are bleached grey.  It is grey as far as the eye can see.

So, being the great business leader you are, you go out and buy a bucket of purple paint.  Now, purple paint is the greatest thing since sliced bread.  And because it's the greatest thing since sliced bread, it costs an arm and a leg.  To get the shade of purple you want, you buy one can of paint.  It covers the outside of the door well, but nothing else.

So, from the outside your door looks purple.  But that paint is so darn expensive, you only paint the outside.  The inside of the door is still brown.

So, a customer comes to visit.

You tell him to drive down the grey street until he sees a purple door.  He finds your location in minutes.  It's easy.

Back in your office, you have a discussion, and he thinks he is going to buy from you.  But he needs to talk to a few people to determine how much he wants to buy.  And he forgot how to get out of the building.

"Oh, just go out the purple door", you tell your customer.

The man spends 45 minutes wandering your halls, and finally finds you.   He curses you out, cancelling all potential business.  You are at a complete loss.  The customer can't find the purple door.

The one thing you forgot is that doors have two sides.  One side that is visible from the street, and one side that is only visible from the inside of the building.  You painted your street door purple.  It's easy to find.  But your exit door on your building?  Still just as brown as it ever was.  So telling someone to go find a purple door is an exercise in futility.

You have to name the door based on which side you happen to be looking at.

Even though both talk about the same thing, it's a matter of which side of the door you are on.  And you have to have your discussion based on which side of the door you can see.

Tuesday, November 25, 2014

Ramblings that get longer

As it always does, my mind seems to be skipping back towards the ideas of Cyberpunk.  I’ve been a fan of the worlds created by various artists and authors for years.  Maybe that’s why I went into computers.  Doubtful, but it seems like a good answer.  Perhaps there’s some sort of draw to a world that is altogether completely overwhelming and interconnected.  Or maybe I’m just fascinated by urban density.  I’ve visited a few large cities, but they never strike me as dense until you reach certain parts of them.  All are strangely built up to a point, and then everything falls off.  The quicker people can get away from the density, the better they like it.  I can’t blame them.  It’s dead silent where I live, and as long as I don’t look towards the one street light on my block, I can see stars as far as the eye can see. 

It really makes me wonder.  One of the things I realize is the current education system will not keep up with the rate of growth.  One size fits all does not fit all.  Eventually, there’s going to be a separation of students.  There has to be to maintain technological ability and skill.  I was reading something earlier about the creation and production of virtual machines to segment individual computers for personal use.  It would be much like running VMWare for servers, but instead running it on desktops.  You’d have multiple virtual machines running throughout your computer, with each having a separate purpose.  Depending on what you were trying to do, you would create multiple virtual machines across your desktop.  With the ever present threat of virus and malware, it seems the only logical thing to do. 

Unfortunately, people like me would have to maintain those environments and would have to understand what was going on.  And some people are just technologically inept.  They have no interest or use in technology, much less a desire to learn it and learn how it works.  I often wonder what would have happened if I had learned and developed the skills I have now in my 20s instead of my 30s.  Would another decade of information have made that much difference in my future growth?  What about 20 years?  What if I had spent time learning this information in my teens?  Who would have taught a young kid the ins and outs of systems?  Could it be we will be slowly moving towards the arcology models described by William Gibson?  In them, he describes people growing up in company towns and being taught company thoughts, with the idea of developing the best and brightest to become leaders in the company.


Gibson never really talks about the inside development thought much.  He only talks about “stealing talent”.  Perhaps the average person is just too simple and really doesn’t make a good story.  It’s only in the breakaway that people become interesting.  So what does it eventually become?  A collection of corporation-states all building great cities to develop the talent?  Or is it the artificial intelligence world where humans are essentially out of work because robots can handle most services like Dredd?  Both are possibilities.  

Monday, November 24, 2014

Monday Ramblings

Here are some ramblings for Monday.

The subcontract work fell through.  I spent about 45 minutes on the phone explaining how TCP/IP layer 3 works, and finally got them to know what they needed to know.  I guess a broad knowledge of networking helps a lot when working in an industry that is increasingly network based.  It doesn't help that most networking issues happen at layer 1.  The issue there was a layer 3 addressing issue.  Pictures don't help some people.

After messing with my current reading chart, I determined it will take me (on average) until January 17th to finish the next book.  Strange what a few Excel formulas can do.  It's almost magical.  The formula here happens to be:

finish date = today's date + (estimated remaining sessions * average days between reading sessions)

estimated remaining sessions = (total pages - current page) / average increase in page count per session

So, by close to February I'll be back into an old Security+ book.  Some time after that, I'll be into the book on Physics.  Progress, as it were, is happening.  After starting over with the Active Directory book, I'm about 12.7% complete with my reading goal.  That doesn't seem like much, but it's more progress than I've made in years.

It's hard to remember that progress only happens when it is intentional.  Rambling through life will not get you where you want to go.  Make a plan, and go there.  That's the only way to get to the end of the path.  And if that path takes reading 5,200 pages, then so be it.  At least you've got a plan, which is a lot more than most people have.

Finals are next Monday, so I'll finish up Introduction to Networking then and be free for a few weeks.  Fighting issues with the next class, but we'll see what happens with that.  The issue is a supply/demand problem.  The next class filled up in three days.  No other class has as many people as the one section I want to take.  Lovely stuff.



Friday, November 21, 2014

late night, post upgrade

12:35 at night.  Just finished an upgrade.  The BUYPAK 6.00.10 (Verifone Ruby/Sapphire) upgrades are done for the moment.  I'm a little bit tired and wired at the same time.

On the drive home, I started contemplating the Internet as envisioned by the likes of William Gibson.  I think it's pretty simple (in theory).  All you'd have to do is continuously ping and tracert the Internet, and use some searching algorithms to place all the live IP addresses on a globe, with a vague idea of where everything is.  Merge it with Google Maps, and you could swing around a virtual globe.  Public IP addresses tied to physical locations and areas.  Sounds interesting in my head, at least.

I guess I'm still obsessed by the idea of cyberpunk and most dystopian future books.  Akira comes to mind, as does Ghost in the Shell.  Maybe a bit of Snow Crash?

Maybe the future I always envisioned is possible, and here.  Just not the way we imagined it.  Really.  I can control computers half-way around the world with a cell phone application.

I guess I should quit rambling and wander to bed.  It does seem an interesting world, though.

Thursday, November 20, 2014

Random Thoughts

Seeing as how I'm behind the curve on updates, today is another day of random thoughts!

I've been finishing up an Active Directory computer roll out.  This grouping I created after creating my first set.  I should have set up a template before creating that first test machine.  Eh well.  A template is now created.  I just have to figure out why web filtering isn't working.  I think I need to read more about application deployment.  There's probably something I'm missing.

I'm looking at some subcontracting work in the next couple of weeks.  More on that after the contract is over.

I'm still not registered for the next section of Cisco classes.  The class filled up in three days, and they only offer one section.  Every other section in the department has fewer people than the one class I want to take.

I still haven't started my Android App yet.  Listening to Seth Godin, I think I front loaded the thing with all the stuff I find fun, and now have to do the hard parts.  That, and I have to mess with the Java version on my computer in order to get Eclipse to work.  If Verifone ever upgrades off Java 6, I'll be happy as a clam.

On the plus side, I've got one more night upgrade this week, and then I should be done with upgrades until at least January.  I hope.

Other than the subcontracting stuff.

It looks like the day is calling, so I'd better go answer.

Tuesday, November 18, 2014

Security

Something I’m questioning quite a bit is network security.  Network security is a nebulous thing that is never really clearly defined.  I’ve read through most of a Security+ book, but that doesn’t really cover the broad scope of what needs to be done to cover the subject.

I’ve looked at the SANS website, and they might be great but SANS is too busy selling things.  Looking at Cisco, it’s one part of the subject, but it doesn’t cover the entire subject. 

Here’s the real problem: network security is so spread out, ambiguous, and poorly documented that truly learning network security has to be a personal topic.  The individual has to wander through the various resources, hoping to find some piece of information that will secure the network.  So many different possibilities of areas to cover without any real dedication.  It is no wonder that networks are broken into all the time.

I guess that’s my rant for the day.  Lots of work today, so little time to spend at home and do…  anything else.

And I’m pissed at Evernote right now.  It lost about 2-3 hours of my note taking.  There was a lot of interesting information.   And somehow, I’m back to where I was before all my Saturday/Sunday studying.


Monday, November 17, 2014

The Monday update

This is about the best you are going to get today.

I haven't thought of anything interesting throughout the week to write down.  The entire family has started coming down with pink eye, so maybe today will be quiet.

I have thought of some things to work on, but nothing that seems of interest.  I've got the last section of studying for class done on Sunday, and the rest is just Packet Tracers and Labs.  I'm wondering if I actually need to enroll in the next class, or just buy the book.   I essentially taught myself, so what's the difference of going through 2-3 more Cisco books by myself without having to pay for the $500 class?

After all of that, I've got thoughts on collecting network baselines running through my head.  Interesting stuff, or at least to me.

Friday, November 14, 2014

The User Profile Service service failed the logon. User profile cannot be loaded.

Hmm… I just realized I almost posted the same blog twice.  That’s not very professional of me.  I spent part of the morning fighting an Active Directory issue.  The issue was “The User Profile Service service failed the logon.  User profile cannot be loaded.”

That’s a mouthful.  It probably had something to do with a setting I had.  Anyways, the fix for me was to log on to the local computer and add the domain user to the local computer as the proper account, and then logon as the domain user.   The thing fired up and ran for me like no one’s business. 

I spent a good 3-4 weeks on Active Directory without a single computer installed.  I installed one on Thursday, I am looking to install a second on Friday.  Then nine more the next week, as fast as I can build them and get them configured.  I would like to completely automate the build process, but that’s not going to happen.  Too many things that require hands on button pushing, and I have no way to create an MSI file for an automatic install. 


Perhaps one day, but not today.  At least I got my proxy file/web filtering working quite well.  I really love the thought of “make one change, affect every computer”.  I’ve spent far too long doing things the manual way because that’s the way it was always done.  Now, I’m tired of the way things were “always done”.  What I generally find is things were “always done” one way because some guy figured out how to do it that way.  After it was figured out, everyone else just hopped in line and followed along.  Too many round pegs going straight into round holes.

Thursday, November 13, 2014

Back to Active Directory

Eating lunch, I once again have a brain running in circles.  In the end, I got a little done during that lunch break, but not much.  Now I’m back in the morning, and things are considerably calmer.  Earlier this week, I thought I was behind.  Now, I’m not as convinced.  I ended up finishing the Java book and now I’m moving on to the Active Directory book.  I have decided to start over and reread the Active Directory book because I essentially skimmed through to find the parts I was looking for the first time.  Now, I’m going for a decent level of competency.  So I have to read the entire book to make sure I get what I want out of it.  I’m pretty sure I will.  My Active Directory knowledge has moved in leaps and bounds, and a lot of things are making a lot more sense.

My problem with the startup script had nothing to do with permissions.  I had the default software policy set to basic, and the user didn’t have rights to access or run network resources.  They basically couldn’t run any software I didn’t specifically allow.  So that had to be dialed back to allow the company to operate.  Now, my proxy file works great and updates like I want it to.  This solution seems to work a lot better than using Content Advisor.  It also allows the use of Google Chrome without a separate blocking file.  That was nice of Google to allow all those things to interoperate well together.  Good design policy for Google, there.


Changing subjects: after restarting the Active Directory book, I’ve completed 11.96% of my goal.  Granted, I don’t have a date on any of these.  I just have an overarching goal to get it done.  I really only have a goal on getting my app built because there is a definite potential there.  Though I may be wrong, the financial outlay is low enough to where I’m not concerned with a flop.  I could make nothing on the thing, and still be happy I got it out there.  The hard skills in creating the app will still be there, so if I come up with another idea the lead time won’t be near what it was before.  Definite bonus to me.  Plus, the web based skills could easily be usable.  My brain is still running the thought of having MySQL and Tomcat running on my wife’s desktop, and doing…  I don’t know with it.  Something internal, probably.   I don’t want the hassle of hosting.  That’s just a pain.  It’s easier to pay someone else.

Wednesday, November 12, 2014

Introduction to Networks chapter 5: Ethernet



Ethernet operates at the data link and physical layers

Ethernet is the most widely used LAN technology

defined by IEEE 802.2 and 802.3

speeds between 10 and 100,000 Mb/s

802.2 - LLC
802.3 - MAC and Physical layers

LLC sublayer 
     handles communication between upper and lower layers
     between networking software and device hardware
     implemented in software
     considered driver software

MAC sublayer
     lower sublayer of the data link layer
     2 responsibilities
          data encapsulation
          media access control

          data encapsulation
               frame assembly before transmission
               frame disassembly upon reception
               adds header and trailer to the network layer PDU

          data encapsulation has 3 primary functions
               frame delimiting
                    used to identify the groups of bits that make up a frame
                    provides synchronization between transmitting and receiving nodes
               addressing
                    contains the physical (MAC) address

               error detection
                    contains a CRC value used to determine if the contents have changed in transit

     media access control
          responsible for placement of frames on the media (wire)
          removal of frames from the media

          underlying logical topology is a multiaccess bus
          all nodes in a network segment share the medium
               uses CSMA

understanding CSMA
     1) detect if there is a signal on the media
               a) if busy, wait
     2) if no signal, transmit

     if there is a collision, all data is bad and must be resent

     contention-based methods have less overhead than controlled access systems
     do not scale well with heavy media use

     CSMA/CD
     widespread use of switched networks makes CSMA/CD largely unneeded
     CSMA/CA in wireless still needed



     Every device receives every frame
     To prevent mass processing of frames not intended for that device, the MAC address was created.

     MAC address used to identify which device should process a frame

     MAC address structure
     1st 24 bits / 6 hex digits - Organizationally Unique Identifier (OUI)
     Last 24 bits / 6 hex digits - vendor assigned

     1) Source computer sends
     2) each NIC in the network views the information
          a) if the destination MAC matches, then the frame is processed further
          b) if not, the frame is dropped

Ethernet Frame Attributes

     created in 1973

     2 primary versions
     -802.3 Ethernet Standard
     -DIX Ethernet, or Ethernet II         Used in TCP/IP networks
     framing style differences are minimal

     
     both define the minimum frame size as 64 bytes
     maximum 1518 bytes

     preamble/Start Frame Delimiter not included when describing frame size

     any frame less than 64 bytes is discarded as a "runt"

     VLAN technology increased the maximum frame size to 1522 bytes

     a frame that is too big or too small is dropped


Ethernet Frame
     -preamble and SFD - synchronization between sender and receiver
     -Destination MAC
     -Source MAC
     -Length/Type field - either the exact length of the frame's data field, or an indication of which higher-layer protocol is used
          -if the value is greater than 1536, the frame is Ethernet II and the field is the EtherType of the protocol indicated
          -if 1500 or less, the field is a length and the 802.3 frame format is in use

     -data field - contains the encapsulated layer 3 PDU

     -frame check sequence (FCS) - used to detect errors


In Ethernet, different MAC addresses are used for layer 2 unicast, broadcast, and multicast communications

Unicast - destination MAC of the receiver
Broadcast - destination MAC of FFFF.FFFF.FFFF
Multicast - destination MAC starts with 01-00-5E (IPv4 multicast)
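An added example, not code from the course or from Cisco, that applies the frame rules in these notes to real bytes: runt and giant checks, the OUI split, the unicast/broadcast/multicast decision, the Length/Type split and the CRC-32 FCS. It assumes the IEEE 802.3 threshold of 0x0600 (1536) for EtherType values; sample addresses are constructed, locally administered ones.

```python
"""Ethernet frame parser/classifier (added example, not from the course notes)."""
import struct
import zlib
from dataclasses import dataclass
from typing import Optional

MIN_FRAME = 64          # runt threshold, destination MAC through FCS (preamble/SFD not counted)
MAX_FRAME = 1518
MAX_FRAME_VLAN = 1522   # an 802.1Q tag adds 4 bytes
ETHERTYPE_MIN = 0x0600  # IEEE 802.3: Length/Type values of 1536 and up are EtherTypes
TAG_8021Q = 0x8100


@dataclass
class Frame:
    dst: str
    src: str
    oui: str                  # first 24 bits of the source MAC (Organizationally Unique Identifier)
    cast: str                 # unicast / broadcast / multicast, decided by the destination MAC
    kind: str                 # "Ethernet II" or "802.3"
    ethertype: Optional[int]
    length: Optional[int]
    vlan: Optional[int]
    payload: bytes
    fcs_ok: bool


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def classify_mac(raw: bytes) -> str:
    """Broadcast is all ones; any other address with the I/G bit (low bit of the first
    octet) set is a group address, e.g. the 01-00-5e IPv4 multicast prefix from the notes."""
    if raw == b"\xff" * 6:
        return "broadcast"
    if raw[0] & 0x01:
        return "multicast"
    return "unicast"


def build_frame(dst: bytes, src: bytes, length_type: int, payload: bytes,
                vlan: Optional[int] = None) -> bytes:
    """Assemble a frame with a valid FCS (constructed input for the parser)."""
    hdr = dst + src
    if vlan is not None:
        hdr += struct.pack("!HH", TAG_8021Q, vlan & 0x0FFF)
    hdr += struct.pack("!H", length_type)
    # pad the data field to 46 bytes so the frame reaches the 64-byte minimum
    frame = hdr + payload.ljust(46, b"\x00")
    # the FCS is CRC-32 over everything after the SFD, sent least-significant byte first
    return frame + struct.pack("<I", zlib.crc32(frame))


def parse_frame(frame: bytes) -> Frame:
    size = len(frame)
    if size < MIN_FRAME:
        raise ValueError(f"runt frame ({size} bytes) dropped")
    dst, src = frame[:6], frame[6:12]
    pos, vlan = 12, None
    (lt,) = struct.unpack_from("!H", frame, pos)
    if lt == TAG_8021Q:                                   # 802.1Q tag: TPID then TCI
        (tci,) = struct.unpack_from("!H", frame, pos + 2)
        vlan = tci & 0x0FFF
        pos += 4
        (lt,) = struct.unpack_from("!H", frame, pos)
    pos += 2
    if size > (MAX_FRAME_VLAN if vlan is not None else MAX_FRAME):
        raise ValueError(f"giant frame ({size} bytes) dropped")
    (fcs,) = struct.unpack("<I", frame[-4:])
    fcs_ok = fcs == zlib.crc32(frame[:-4])
    if lt >= ETHERTYPE_MIN:
        kind, ethertype, length = "Ethernet II", lt, None
        payload = frame[pos:-4]
    else:
        kind, ethertype, length = "802.3", None, lt
        payload = frame[pos:pos + lt]   # the length field says where data ends and padding begins
    return Frame(mac_str(dst), mac_str(src), mac_str(src[:3]), classify_mac(dst),
                 kind, ethertype, length, vlan, payload, fcs_ok)


# constructed sample addresses (locally administered, so they belong to no vendor)
SRC = bytes.fromhex("020000000001")
DST = bytes.fromhex("020000000002")
BCAST = b"\xff" * 6
IPV4_MCAST = bytes.fromhex("01005e000001")


def demo() -> dict:
    arp = build_frame(BCAST, SRC, 0x0806, b"\x00\x01\x08\x00\x06\x04\x00\x01")
    tagged = build_frame(IPV4_MCAST, SRC, 0x0800, b"\x45\x00", vlan=10)
    llc = build_frame(DST, SRC, 8, b"\xaa\xaa\x03\x00\x00\x00\x08\x00")   # 802.3, length 8
    damaged = bytearray(arp)
    damaged[20] ^= 0xFF                                                    # flip one payload byte
    return {"arp": parse_frame(arp), "tagged": parse_frame(tagged), "llc": parse_frame(llc),
            "damaged_fcs_ok": parse_frame(bytes(damaged)).fcs_ok}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```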

MAC and IP
2 primary addresses assigned to a host
     Physical Address - MAC
     Logical Address - IP


Source device sends based on IP address 

DNS used to identify remote network

ARP protocol has 2 basic functions
     -resolving IPv4 addresses to MAC addresses
     -maintaining a table of mappings

a frame must have a destination MAC address before it can be placed on the media (wire)
the host refers to its ARP table (ARP cache) to find it; the table is stored in RAM on all devices

Each entry binds a MAC with an IP

table maintained dynamically
-adds information by
     -monitoring the network
     -ARP request - L2 broadcast to all devices on the LAN

-entries are time stamped; if the system doesn't see traffic for an entry before its time stamp expires, the entry is removed
-also capable of static entries

ARP to remote network
     -when host creates a packet for a destination, it compares destination IP address to its own IP address to determine if they are both on the same network.

     -if not the same network, then ARP to router interface serving as the gateway


ARP issues
     overhead on the media
          -could initially flood the network
     security - ARP spoofing or ARP poisoning 
          -broadcast and security issues can be mitigated with modern switches
          -switches segment LAN into independent collision domains
          -switches send to only sender and receiver, reducing traffic flows

Switching
     devices usually connected by a layer 2 switch
     switch builds MAC table to make forwarding decisions

     if the destination MAC is not known, the switch sends the frame out all ports except the receiving port
     when the destination responds, the switch adds its MAC to the MAC table
     -capable of multiple MACs per port (switch connected to a switch)

     switch MAC table sometimes referred to as CAM (content addressable memory)
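The ARP exchange and the switch learning described in the two sections above, as an added example that is not code from the course or from Cisco: hosts keep a timestamped ARP cache with expiry and static entries, and the switch learns source MACs per port and floods unknown or broadcast destinations. To show the ARP poisoning symptom from the "ARP issues" list on the defender's side, a constructed reply that claims an IP already bound to a different live MAC is fed through the switch, and the receiving host keeps its old entry and raises an alert instead of overwriting it. Timeout, MACs and IPs are constructed values.

```python
"""ARP request/reply across a learning switch (added example, not from the course notes)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"
ARP_TIMEOUT = 60.0   # seconds before a dynamic entry expires (constructed value)


@dataclass
class ArpFrame:
    src: str          # source MAC in the Ethernet header
    dst: str          # destination MAC (broadcast for a request)
    op: str           # "request" or "reply"
    sender_ip: str
    target_ip: str


class Switch:
    def __init__(self, port_count: int):
        self.ports = set(range(port_count))
        self.mac_table: Dict[str, int] = {}        # the CAM table: MAC -> port

    def forward(self, in_port: int, frame: ArpFrame) -> List[int]:
        self.mac_table[frame.src] = in_port        # learn; several MACs may map to one port
        out = self.mac_table.get(frame.dst)
        if frame.dst == BROADCAST or out is None:
            return sorted(self.ports - {in_port})  # flood: every port except the receiving one
        return [] if out == in_port else [out]     # known destination: one port only


class Host:
    def __init__(self, mac: str, ip: str):
        self.mac, self.ip = mac, ip
        self.cache: Dict[str, Tuple[str, float]] = {}   # ip -> (mac, learned_at)
        self.static: Dict[str, str] = {}                 # ip -> mac, never expires
        self.alerts: List[str] = []

    def lookup(self, ip: str, now: float) -> Optional[str]:
        if ip in self.static:
            return self.static[ip]
        entry = self.cache.get(ip)
        if entry is not None and now - entry[1] < ARP_TIMEOUT:
            return entry[0]
        self.cache.pop(ip, None)                   # expired entry is removed
        return None

    def request(self, target_ip: str) -> ArpFrame:
        return ArpFrame(self.mac, BROADCAST, "request", self.ip, target_ip)

    def receive(self, frame: ArpFrame, now: float) -> Optional[ArpFrame]:
        """Learn the sender's binding from any ARP frame seen; answer requests for our IP."""
        known = self.lookup(frame.sender_ip, now)
        if known is not None and known != frame.src:
            # a live (or static) binding for this IP already names a different MAC: the
            # symptom of ARP poisoning, so keep the existing entry and record an alert
            self.alerts.append(f"{frame.sender_ip}: {known} vs {frame.src} on {frame.op}")
            return None
        self.cache[frame.sender_ip] = (frame.src, now)
        if frame.op == "request" and frame.target_ip == self.ip:
            return ArpFrame(self.mac, frame.src, "reply", self.ip, frame.sender_ip)
        return None


def deliver(sw: Switch, hosts: Dict[int, Host], in_port: int,
            frame: ArpFrame, now: float) -> List[int]:
    """Push one frame through the switch, let receivers answer, and forward their replies."""
    out_ports = sw.forward(in_port, frame)
    for port in out_ports:
        reply = hosts[port].receive(frame, now)
        if reply is not None:
            deliver(sw, hosts, port, reply, now)
    return out_ports


def run() -> dict:
    a = Host("02:00:00:00:00:0a", "10.0.0.10")
    b = Host("02:00:00:00:00:0b", "10.0.0.11")
    c = Host("02:00:00:00:00:0c", "10.0.0.12")
    sw = Switch(3)
    hosts = {0: a, 1: b, 2: c}
    flooded = deliver(sw, hosts, 0, a.request(b.ip), now=0.0)   # nobody is known yet
    resolved = a.lookup(b.ip, now=1.0)                          # B's reply came back unicast
    # constructed conflicting reply from port 2 claiming B's IP while A still holds B's entry
    bogus = ArpFrame(c.mac, a.mac, "reply", b.ip, a.ip)
    deliver(sw, hosts, 2, bogus, now=2.0)
    return {"flooded": flooded, "resolved": resolved, "mac_table": dict(sw.mac_table),
            "alerts": list(a.alerts), "after_expiry": a.lookup(b.ip, now=ARP_TIMEOUT + 5)}


if __name__ == "__main__":
    print(run())
```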

     -transparent to network protocols and user applications
     -can operate in different modes that affect the end user
          -duplex settings
               -half duplex - one side talks at a time
               -full duplex - send and receive at the same time;  CSMA/CD shut off in this case
          
     -Cisco Catalyst supports 3 duplex settings
          -half
          -full
          -auto


     -proper cabling also required (or used to be)
          -auto-MDIX function: automatic medium-dependent interface crossover

     switches use following forwarding methods
          -store and forward
               get the entire frame before forwarding
               use CRC to determine if it needs to dump frame
               analyzes destination for where to forward
               required for QoS analysis
          -cut-through
               holds frame until it gets destination address, then forwards
               no error checking
               faster than store and forward, but can send broken frames

               2 variations to cut-through
                    -fast-forward
                         offers lowest level of latency
                         typical of cut-through switching
                    -fragment free
                         reads first 64 bytes before forwarding (most errors occur in first 64 bytes)
                    
               switches use buffering techniques
                    port-based memory buffering
                         frames are stored in queues that are linked to specific incoming and outgoing ports
                         delay occurs if there is nothing transmitting on other ports and buffer is full
                    shared memory buffer
                         frames are stored in a common buffer used by all ports
                         useful for asymmetric switching

    Fixed or Modular switches
          PoE allows power to be sent to devices

          forwarding rate defines how many frames the switch can process in a second
          stackable vs non-stackable
          modular configurations - add more cards

          Small form-factor pluggable (ports that can be purchased and easily changed out on each switch)

     Layer 3 switch
          capable of performing layer 3 routing as opposed to the standard switch that just handles layer 2

          support Cisco Express Forwarding (CEF)
          complex, but based on 
               Forwarding Information Base
                    conceptually similar to a routing table
               Adjacency table
                     maintains layer 2 next-hop addresses for all FIB entries

               separation provides benefits
                    -adjacency table can be built separately from the FIB table
                    -MAC header rewrite used to forward a packet is not stored in cache entries

          layer 3 switch variants

               Switch virtual interface (SVI) 
                    logical interface on a switch associated with a VLAN
               Routed port
                    physical port on an L3 switch configured to act as a router port
                    allow L3 switch to act as a router
                    not associated with a  particular vlan
                    L3 interface only and does not support L2 protocol
                    no switchport interface configuration command
               Layer 3 EtherChannel
                    logical interface on a Cisco device associated with a bundle of routed ports

Tuesday, November 11, 2014

Chasing Down a Dog with a K-Bar

Saturday before Halloween

Go to a neighbor's birthday party.
Come home.
Sit down to carve pumpkins on the back porch
Wife brings the dog out.
The baby sits on a blanket on the back porch.
Other two kids are hanging out, picking designs for the pumpkin.
Go inside to pee.
Wife yells for me.  Trouble kind of yell.
Neighbor's dog is fighting my dog.  Baby is down and crying.
I scream at the dogs and chase down the neighbor's dog.
Neighbor dog runs away.
This is the second of my kids to be attacked by that dog.
I go inside and grab my K-Bar
Stuff the K-Bar in sheath into the back of my pants.
Time for Thunderdome.
Injury check.
Dog saved by being a giant fluff ball
Baby just got knocked over.
Fool me once, shame on you.
Fool me twice, shame on me.
You won't fool me again.
Time for the dog to die.
Hunting party.
Stalk the dog down the alley.
Runs around and tries to get back inside its fence.
I yell at the dog again.
Dog runs off.
I yell at the owners through the front door to come get their dog.
Back to stalking the dog.
Owners catch the dog, bring in through back entrance.
Guess the dog gets to live.
Go home.
Carve pumpkins.
Break the plastic tools.
Get a power drill and finish the pumpkin.
Owners get rid of the dog that night.



True story.


Monday, November 10, 2014

Catching up

I'm still slightly behind schedule, but it will be okay.  I'm about 94% complete with Java All-In-One.  Technically, I'm supposed to be done with the book today so I can start programming Tuesday.  I've got class on Monday, so my day is pretty much taken up.

I probably don't have to finish the entire book to learn what I need to learn.  I could probably start coding now and fudge around until I figure out what I need.  I think my knowledge is there, it's just a matter of slugging out the work.  But I wanted to make sure and read the entire book just so I'm certain there's nothing left in there that I need.

I'm not sure it's going to take me until January 1st to finish my prototype, but it could.  I do have the troublesome problem of having to move between Java 6 and Java 8 any day I want to try and code.  And I'm not a big fan of Eclipse, but it's pretty much the only Android development kit out there I've heard of that doesn't require more time to setup than writing the code.

I think I'm going to write most of the code in NetBeans and then port it all to Eclipse later.  The general idea shouldn't be complicated.  Most of this is going to be user interface design, anyways.  Which I really find strange.  But that's fine.

The only question I have is a pretty straightforward one, as presented by Seth Godin.  He's got a podcast called Startup School.  It was a class he taught for several days.  Anyways, Godin said if you are going to create any sort of phone app, you have to add a social component to it.  Adding a social component gives others the opportunity to find and recognize your creation as they advertise their successes.

I'm still not 100% certain what that all means, but I'm going to throw in a social component just because of the potential expanded reach.  Yeah.




Thursday, November 6, 2014

Introduction to Networks Chapter 4 Notes

From Introduction to Networks by Cisco Press, 2014

Chapter 4

Wireless - 
     -range limitations
     -easily mobile
     -performance directly related to distance
     -performance degraded by other wireless


wired
     -won't degrade in performance based on distance
     -hard to move
     -static positioning
     -as many devices with no degradation

Physical layer
     types of media
     -copper
     -fiber optic
     -wireless

Functional Areas

Physical components - electronic hardware, media, connectors, interfaces

encoding - convert a stream of data bits into predefined code

     common network encoding schemes
     -manchester - 0 is a high to low transition
                   1 is a low to high transition
     -non-return to zero (NRZ) - two states meaning 0 and 1, and no neutral/rest position
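An added example, not code from the course or from Cisco, that implements the two encodings in the notes on a bit stream and counts the level transitions each one produces. The point it makes runnable: with Manchester every bit carries a mid-bit transition that the receiver can recover its clock from, while NRZ produces none at all across a long run of identical bits. The two-samples-per-bit representation and the LSB-first octet order are assumptions for the example.

```python
"""Manchester and NRZ line coding (added example, not from the course notes).

Uses the convention from the notes: 0 is a high-to-low transition, 1 is low-to-high.
Each bit is represented by two half-bit samples (1 = high level, 0 = low level).
"""
from typing import List


def manchester_encode(bits: List[int]) -> List[int]:
    out: List[int] = []
    for bit in bits:
        out.extend((0, 1) if bit else (1, 0))   # 1: low then high; 0: high then low
    return out


def manchester_decode(levels: List[int]) -> List[int]:
    if len(levels) % 2:
        raise ValueError("odd number of half-bit samples")
    bits: List[int] = []
    for i in range(0, len(levels), 2):
        pair = (levels[i], levels[i + 1])
        if pair == (0, 1):
            bits.append(1)
        elif pair == (1, 0):
            bits.append(0)
        else:
            # no mid-bit transition: the receiver cannot recover the clock here, so
            # treat the bit time as a line error rather than guessing a value
            raise ValueError(f"invalid Manchester pair {pair} at sample {i}")
    return bits


def nrz_encode(bits: List[int]) -> List[int]:
    """NRZ-L: the level itself is the bit, held for the whole bit time (two samples here)."""
    out: List[int] = []
    for bit in bits:
        out.extend((bit, bit))
    return out


def transitions(levels: List[int]) -> int:
    """Count level changes; a receiver uses these edges to stay in step with the sender."""
    return sum(1 for a, b in zip(levels, levels[1:]) if a != b)


def bits_from_bytes(data: bytes) -> List[int]:
    """Ethernet sends each octet least-significant bit first."""
    return [(byte >> i) & 1 for byte in data for i in range(8)]


def compare(data: bytes) -> dict:
    """Encode the same octets both ways and report how many clock-recovery edges each gives."""
    bits = bits_from_bytes(data)
    m = manchester_encode(bits)
    n = nrz_encode(bits)
    return {"bits": len(bits),
            "manchester_transitions": transitions(m),
            "nrz_transitions": transitions(n),
            "roundtrip": manchester_decode(m) == bits}


if __name__ == "__main__":
    print(compare(b"\x00\x00\x00\x00"))   # a run of zeros: NRZ gives no edges at all
    print(compare(b"\xa5\x5a"))
```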

signaling - method of representing bits

     asynchronous - transmitted without clock signal.  frames require start/stop indicator flags

     synchronous - data signal sent with clock signal

ways to transmit

     frequency modulation - carrier frequency varies
     amplitude modulation - carrier amplitude varies
     pulse code modulation - analog signal is converted to digital by sampling the signal's amplitude and expressing it as binary

data transfer speeds (in bits)
     know your metric

throughput - measure of bits across media in a given time
     -varies by...
          -amount of traffic
          -type of traffic
          -latency - amount of time, including delays, to travel from one point to another

     throughput can't be faster than the slowest link



Copper cabling
     -inexpensive
     -easy to install
     -limited by distance
     -limited by signal interference

data transmitted as electrical pulses

attenuation - the longer a signal travels, the weaker it gets

electromagnetic interference (EMI) and/or radio frequency interference (RFI) 
     -capable of distorting signal or corrupting signal
     -produced by fluorescent lights and electrical motors

crosstalk - electrical or magnetic signal on one wire distorts the signal on another wire
     -canceled by twisting pairs together

main types of copper media
     -shielded twisted pair (STP)
     -unshielded twisted pair (UTP) 
     -coaxial


UTP - most common
     - 4 pairs of color coded wires

STP - not as common
     -provides better noise protection
     -more expensive
     -difficult to work with
     -if improperly grounded shield can act as antenna and pick up signals
     -4 pairs of color coded wires

coax - 2 conductors sharing the same axis
     -traditionally used in cable tv, early Ethernet
     -still used for
          -wireless
          -cable internet

all copper susceptible to fire/electrical hazards
     -toxic gas released when burned
     -lightning strikes
     -over voltage fries ports
          
          prevent problems by....
          -separate data and electrical
          -connect cables correctly
          -inspect for damage
          -must be grounded correctly

UTP cabling
     -cancellation - pair the wires in a circuit, and their magnetic fields cancel each other
     -varying the number of twists per pair enhances the cancellation effect

     standards defined by EIA/TIA
     -cable types
     -cable lengths
     -connectors
     -cable termination
     -methods of testing

     categorized by IEEE by transmission speed
     - terminated with ISO 8877 RJ45 jack

     termination options
     -Ethernet straight through
     -crossover
     -rollover

Fiber Optic Cable
     -higher data rate
     -longer distance


     Fiber is used in
     -Enterprise networks as the backbone
     -fiber to the home (FTTH), access networks
     -long haul networks
     -submarine networks
     
fiber design/layout
     -core - pure glass - transmission medium
     -cladding - surrounds core, acts as a mirror
     -jacket -surrounds and protects core and cladding
     -susceptible to sharp bends

     transmitted using...
     -lasers
     -LED

     -laser light through the fiber could damage the human eye
     
     single mode fiber - small core and lasers 
          -long distance

     multimode fiber
          -large core and LED
          -cheaper
          -up to 550 meters

     terminated with optical fiber connector
     -70 different connector types

     most popular
     -straight tip (ST) - older, bayonet style
     -subscriber connector (SC) square or standard connector
     -LC (lucent connector) little or local connector, growing in popularity due to small size
     
All fiber connectors have light travel in one direction at a time (half duplex)
Need 2 cables to send/receive at the same time (full duplex)

terminating fiber requires special training and equipment
     common failures
     -misalignment-  not joined correctly
     -end gap - media does not correctly touch the splice or connection
     -end finish - dirt, not properly polished at termination

     use a tester or a bright flashlight
     tester
          optical time domain reflectometer (OTDR)

Fiber compared to UTP
     -fiber immune to EMI/RFI
     -greater lengths
     -fiber more expensive over the same distance
     -different skills to terminate/splice fiber
     -requires careful handling

wireless media

     -carry electromagnetic signals that represent binary digits
     -not restricted to connectors or pathways
     -greatest mobility
     -number of devices expanding

     concerns - 
     -coverage area - work well in open areas, but are blocked by certain obstructions
     -interference - can be obstructed by common household devices
     -security - requires no physical access, so it is easy to gain unauthorized access 
          -security a major failing

     standards
     IEEE 802.11 (WLAN) - Wi-Fi uses a contention-based (non-deterministic) system, CSMA/CA
     IEEE 802.15 (wireless PAN or Bluetooth)
     IEEE 802.16 (WiMAX) - point to point microwave

     physical layer standards apply to
     -data to radio signal encoding
     -frequency and power of transmission
     -signal reception and decoding
     -antenna design and construction

     common implementation is to use a WAP connected to a LAN
     
     -lots of wireless standards.  check and make sure they interoperate
     -follow policy strictly

     various 802.11 standards
     -a
     -b
     -g
     -n
     -ac
     -ad

data link layer
     purpose - responsible for the exchange of frames between nodes over a physical medium

     node - network devices connected to a common medium

2 services
     -accepts L3 packets and packages them into frames
     -controls media access and performs error detection

data link layer divided into 2 sublayers

 -------------------------------------------------------
 network   |
 -------------------------------------------------------
 data link | LLC sublayer
           |-------------------------------------------
           | MAC sublayer  | 802.3 | 802.11 | 802.15 |
 -------------------------------------------------------
 physical  |               |       |        |        |
 -------------------------------------------------------

LLC (logical link control)
     -defines the software processes that provide services to network layer protocols

MAC (media access control)
     -MAC processes are defined by hardware; handles data link layer addressing and delimiting of data according to the physical media connected

     MAC method - gets frame on and off the media

at each hop, the frame is de-encapsulated up to layer 3 and re-encapsulated in a new frame on the way back out

     -encapsulation in header and trailer to create a frame
      contains
          -header - control and addressing
          -data  - information.  IP header, transport layer header and data
          -trailer - control info and error detection

     framing breaks stream of 0s and 1s into decipherable groupings
     -frame start/stop indicator flags
     -addressing
     -type - used by LLC to identify L3 protocol
     -control - special flow control services
     -data - frame payload
     -error detection

Layer 2 standards

Topologies

     MAC provides traffic rules
          topology - how the connection between the nodes appears to the data link layer
          media sharing - how the nodes share the media
          physical topologies - where in the building
          logical topologies - how the network transfers frames from node to node
               IP address map

   
WAN topologies
     point to point
     hub and spoke
     mesh - every system connected to every other

virtual circuit
     logical connection between two nodes

half duplex - one sends, everyone listens
full duplex - send and receive at the same time

physical topologies
     -star - end devices connected to an intermediate device

     -extended star
     -bus
     -ring
     
     contention-based access - all nodes compete for use of the media, but have a plan for handling collisions

     controlled access - each node has its own time to use the media

     CSMA/CD - monitor traffic, send if silent
     CSMA/CA - 
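To make the two media access models above concrete, here is an added slot-based simulation (not code from the course or the original post). It is a constructed model: a transmission occupies FRAME_SLOTS slots, a sender that collides backs off a random number of slots drawn from a window that doubles on each collision, and the controlled-access variant simply hands each node its own turn. The node names, frame counts and slot values are constructed inputs.

```python
import random
from dataclasses import dataclass

FRAME_SLOTS = 4          # slots one transmission occupies (constructed value)
MAX_BACKOFF_EXP = 10     # cap on the doubling of the backoff window


@dataclass
class Node:
    name: str
    pending: int          # frames still to send
    backoff: int = 0      # idle slots to wait before trying again
    attempts: int = 0     # collisions suffered on the current frame


def csma_cd(nodes, seed=1, max_slots=10_000):
    """Contention-based access (CSMA/CD): every node with a frame senses the
    medium and sends if it is silent. If more than one node sends in the same
    slot they all detect the collision, abort, and back off randomly.
    Returns (log, collisions) where log holds (start_slot, node_name)."""
    rng = random.Random(seed)
    log = []
    collisions = 0
    busy_until = 0        # slot at which the medium becomes idle again
    slot = 0
    while any(n.pending for n in nodes) and slot < max_slots:
        if slot < busy_until:              # carrier present: all nodes defer
            slot += 1
            continue
        for n in nodes:                    # idle slot: backoff timers count down
            if n.backoff:
                n.backoff -= 1
        ready = [n for n in nodes if n.pending and n.backoff == 0]
        if len(ready) == 1:                # exactly one sender: frame goes out
            n = ready[0]
            log.append((slot, n.name))
            n.pending -= 1
            n.attempts = 0
            busy_until = slot + FRAME_SLOTS
        elif len(ready) > 1:               # collision detected by every sender
            collisions += 1
            for n in ready:
                n.attempts += 1
                window = 2 ** min(n.attempts, MAX_BACKOFF_EXP)
                n.backoff = rng.randrange(window)
        slot += 1
    return log, collisions


def controlled_access(nodes):
    """Controlled access: each node gets its own turn on the media, so there
    is no contention and no collision. An unused turn still costs one slot
    (constructed rule, standing in for the overhead of polling or a token)."""
    log = []
    slot = 0
    while any(n.pending for n in nodes):
        for n in nodes:
            if n.pending:
                log.append((slot, n.name))
                n.pending -= 1
                slot += FRAME_SLOTS
            else:
                slot += 1
    return log, 0


def no_overlap(log):
    """True if no two delivered frames shared the medium (half duplex)."""
    starts = sorted(s for s, _ in log)
    return all(b - a >= FRAME_SLOTS for a, b in zip(starts, starts[1:]))


if __name__ == "__main__":
    log, collisions = csma_cd([Node("A", 3), Node("B", 3), Node("C", 3)], seed=7)
    print("CSMA/CD delivered", len(log), "frames with", collisions, "collisions")
    log2, _ = controlled_access([Node("A", 3), Node("B", 3), Node("C", 3)])
    print("controlled access delivered", len(log2), "frames with 0 collisions")
```

Running both with the same nodes shows the trade-off the notes describe: contention costs collisions and retransmissions but wastes nothing when only one node is talking, while controlled access never collides but spends a slot on every empty turn.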

data link frames
     fragile environment requires more control
          -think media transmission through clouds, space, brick walls, hills...
     protected environment requires fewer controls
          -think hardwired lines that go short distances


------------------------------------------------
header
------------------------------------------------
start frame   |  address     | type/length
------------------------------------------------

different data link protocols may use
     -priority/QoS
     -logical connection control field
     -physical link control
     -flow control - to start/stop traffic
     -congestion control - indicates congestion

data link provides addressing that is used in transmitting across shared media
called physical address

physical address specific to device
     -non-hierarchical

     -can't be used to find device on the internet
     -only used for local delivery

if you want to cross networks, an intermediate device is necessary

trailer used to determine if frame arrived without errors
     the sender computes a CRC and places it in the FCS field

at destination, check FCS.  if error, discard
     -not a perfect method

which layer 2 protocol is used depends on the topology

common data link protocols
     -Ethernet
     -PPP
     -802.11 wireless
     -HDLC
     -frame relay

Ethernet 
     -dominant LAN technology
     -802.2 and 802.3 standards
     -provides unacknowledged connectionless service using CSMA/CD as media access
     -MAC is 48 bits, represented in hex
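The framing, physical addressing and FCS points above (header, data, trailer; a 48-bit MAC written in hex; a CRC the receiver recomputes and discards on mismatch) all come together in an Ethernet II frame. The following is an added example, not code from the course or the original post, that builds such a frame from constructed addresses and payload and then decapsulates it the way a receiving NIC would. It assumes the Ethernet FCS is the standard CRC-32 that Python's zlib computes, written little-endian at the end of the frame, and that a type/length value of 0x0600 or above is an EtherType.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
MIN_PAYLOAD = 46   # minimum Ethernet payload; shorter data is padded


def parse_mac(text: str) -> bytes:
    """'00:11:22:33:44:55' -> 6 raw bytes (48 bits)."""
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def format_mac(raw: bytes) -> str:
    """6 raw bytes -> colon-separated hex, the usual human rendering."""
    return ":".join(f"{b:02x}" for b in raw)


def mac_kind(raw: bytes) -> str:
    """Broadcast, multicast (I/G bit of the first octet set) or unicast."""
    if raw == BROADCAST:
        return "broadcast"
    if raw[0] & 0x01:
        return "multicast"
    return "unicast"


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Encapsulate: header (dst, src, type) + data + trailer (FCS).
    The FCS is CRC-32 over header and data, stored little-endian (assumption
    stated in the lead-in)."""
    if len(payload) < MIN_PAYLOAD:
        payload = payload + bytes(MIN_PAYLOAD - len(payload))
    body = parse_mac(dst) + parse_mac(src) + struct.pack("!H", ethertype) + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)


def parse_frame(frame: bytes):
    """Decapsulate and verify. Returns None when the frame is runt or the FCS
    does not match, which is exactly when a receiver silently discards it."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        return None
    body, fcs_field = frame[:-4], frame[-4:]
    if zlib.crc32(body) & 0xFFFFFFFF != struct.unpack("<I", fcs_field)[0]:
        return None
    dst, src = body[:6], body[6:12]
    type_or_len = struct.unpack("!H", body[12:14])[0]
    return {
        "dst": format_mac(dst),
        "dst_kind": mac_kind(dst),
        "src": format_mac(src),
        "ethertype": type_or_len,
        "is_length": type_or_len < 0x0600,   # 802.3 length field instead of a type
        "payload": body[14:],
    }


if __name__ == "__main__":
    # constructed addresses and payload
    frame = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", 0x0800, b"hello")
    print(len(frame), "bytes on the wire")
    print(parse_frame(frame))
    damaged = bytearray(frame)
    damaged[20] ^= 0x01                      # flip one bit in the data field
    print("damaged frame parses as:", parse_frame(bytes(damaged)))
```

Two things worth taking from the example. The receiver never sees the bad frame at all, which is why a CRC is a detection mechanism and not a recovery one; and because anyone who can write to the medium can recompute the CRC, the FCS says nothing about who sent the frame or whether it was altered on purpose. Integrity against an adversary is a job for higher layers (or for 802.11's authentication and encryption listed below), not for the trailer.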

Point to point protocol
     -deliver frames between nodes
     -defined in RFCs
     -layered architecture
          -establishes logical connections (sessions)
     -a PPP session hides the physical media from the upper PPP protocols

802.11 wireless 
     -same LLC and 48-bit addressing scheme as Ethernet
     -more controls based on media
     -uses CSMA/CA
     -uses acknowledgements to confirm successful delivery
     -supports authentication, encryption, privacy, association