One last day before the CCNA.
After a bit of testing, I'm pretty good on the LAN side. It's WAN and routing protocols that I need to spend the most time on. I can get the necessary points out of studying OSPF, EIGRP, PPP, and Frame Relay.
Still working with Mnemosyne for my studying. I covered the LAN side way too deeply. Basically means I can answer LAN side questions without a second thought. But the WAN and routing protocol side is weak.
On the practice tests, I've been getting about 65%. So that means I only need to improve 20% or so. Easy.
Back tomorrow afternoon with results.
Monday, July 4, 2016
Learning the Right Lesson
I finally set a date to take the CCNA. Actually, it's the part of the CCENT. So I'm doing the two part CCNA thing. Anyways, now that I have a date I have a limited time left to learn everything that I could possibly need to pass this thing.
And I'm doing everything different again.
See, success is a bad teacher. I think I heard that from Bill Gates.
So far, I've had success. But there were certain places that I had limitations. Mental gaps in the knowledge. I should be strong in all the information, not just sections. But there are sections and specific information that I needed that just wasn't making it into my head in the correct manner.
It's funny. At one point I was turning my CCENT notes into a book to sell. That project was abandoned for various reasons. But the main one being that what did good for the CCENT may not be good for the CCNA. How can I know?
So I've been using Mnemosyne. It's a flash card program that allows you to create your own flash cards. So you end up getting a lot of flash cards that you study. It seems I heard about flash cards for years, but always avoided them.
I didn't avoid them because they were complicated.
I avoided them because they were work. I didn't need to work to learn everything. Until I did. And the methods I was doing weren't working. And they didn't work for years. YEARS.
So now, it's time to quit avoiding work. Because that's what all this searching has been about. Avoiding work. And flash cards are work.
You are what you repeatedly do.
I think Aristotle said that.
Success is a bad teacher.
So if you want success, you must repeatedly do something. And it's probably going to be work. And it is going to suck.
And you can either do it now, or spend the rest of your life avoiding the work.
And you will keep ending up in the same scenario: wondering why you only get so far.
You are what you repeatedly do. Excellence then, is not an act but a habit.
Success is a bad teacher.
Strangeness indeed.
Thursday, May 12, 2016
CCNA class
The final class of CCNA prep is done today. I've got to take the final, and then the formalized class is over. It has been kicking me up one side of the street and down the other.
It's not that the material is hard. It's just that there's a lot of material covered in an incredibly short time period. What is normally a 16 week class has been reduced to 8. And that's pretty crazy. That's nothing for many classes. But a bunch just turns college into some horrendous grind.
I guess colleges needed to find a new way to make money. And grinding students through faster always seems like a good idea. How much do I want to bet they are charging the same amount for the 8 week class as they were the 16 week class? Nothing.
Anyways. Once the class is finished, I need to start studying to take the CCNA. I'm aiming for about one month out for that. My goal is to have it done before July 1st. Maybe June 12th, as the place I take the test schedules on Thursdays.
Seems like that is the next thing I need to do. Schedule the CCNA, so I have a definite date in which I'm going to take the thing. Definiteness adds a sense of urgency.
Friday, March 25, 2016
cisco 4 class
Back to class for Cisco 4, and I wonder where the passion is. There are a lot of people in the class spouting the typical stuff. Worried about how much homework they have and how to get out of it. A lot of spurious griping and complaining from people.
I wonder why they are there. What's the purpose of giving up your Thursday night for a class you don't care about?
I guess it's part of the degree plan. But where's the drive to be the best? Where's the drive to do something great in the world? To make a name for yourself in your position?
It doesn't exist in the classroom I'm in.
I guess they haven't learned yet.
You do not rise to the occasion. You fall to the level of your training.
And if your training sucks, so will your response in stress.
Wednesday, December 2, 2015
Useful Cisco Commands
Here's a collection of Cisco commands I still haven't been taught by Cisco. But I learned through various other methods.
terminal monitor
and
term no mon
Terminal monitor is the answer to all remote diagnostic issues. When you ssh or telnet into a device, it gives you the same log and debug output you would see on the console if you were on site. The only problem is that the output occasionally drives you mad as you try to figure out the solution to a problem. How in the world do you turn it off? That's where term no mon comes into play. It turns off that output to your session after it has been turned on with terminal monitor. Terminal monitor is taught in class. Term no mon is not.
term len 0
Another terminal command. The terminal length command sets how many lines of output to display before pausing and waiting for a keypress. But term len 0 has a special use. Let's say you want to do a quick examination of the entire running config of a site. How do I do that?
Using PuTTY, turn on session logging. I'd actually recommend making logging the default so it logs every piece of output, always. That might be useful when you have other issues. Next, remote access the device via telnet or ssh. Then enter term len 0. You have now set the terminal length to 0, so it will display the entire output without you having to press a single key. Guess what? No more parsing crud out of text files. You now have a complete running config stored in the PuTTY log file that only needs minor parsing: no more removing pagination prompts, typed input characters, or whatnot. Just open the file and remove the login/logout sections.
Next, exit. Do not save. Do not write. That way, the next time you log in everything will be just as you found it. No weirdness or strangeness. Otherwise you might have to use term len 10 or something to that effect to put it all back together again.
monitor session 1 source interface interface_name/number
monitor session 1 destination interface interface_name/number
The only pair of commands in my list. I've only used these commands on switches. They might work on routers as well. Not sure. But here's the great thing about these commands: along with Wireshark, you can kick back and examine all the traffic going through a device in order to troubleshoot communication issues. It's kind of like a programmable hub, but better. And you can monitor as few or as many ports as you want. I'm sure there are limitations to the commands, but like I said, these are things I've learned that classes have never taught me.
So, there you go. A short collection of Cisco commands that seem to make life easier. Or get rid of terminal monitor after you start it up. Hope it helps.
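As an added example (not the post's own code), here is the "minor parsing" step for the term len 0 trick as a small Python script. It takes a PuTTY session log captured after term len 0 and show running-config, keeps only the lines between the show command's prompt and the next prompt, drops the "Building configuration" header lines, and separately lists the lines that carry credentials or SNMP community strings. That last part matters because a session log of a running config holds the same secrets the config does, so the log file needs the same protection as the device config. The log below is constructed; the hostname, addresses and secrets are placeholders.

```python
import re

# Constructed PuTTY session log (placeholder host, addresses and secrets) as
# captured after "term len 0" and "show running-config".
SAMPLE_LOG = """\
login as: admin
admin@192.0.2.10's password:

SiteRouter>enable
Password:
SiteRouter#term len 0
SiteRouter#show running-config
Building configuration...

Current configuration : 612 bytes
!
version 15.1
hostname SiteRouter
!
enable secret 5 $1$PLAC$EHOLDERhashNOTreal000000
username admin password 7 1234ABCD5678EF
!
interface GigabitEthernet0/0
 ip address 192.0.2.10 255.255.255.0
 no shutdown
!
snmp-server community public RO
!
line vty 0 4
 password cisco
 login
!
end

SiteRouter#exit
"""

# A CLI prompt: hostname followed by ">" (user EXEC) or "#" (privileged EXEC).
PROMPT_RE = re.compile(r"^\S+[>#]")
# Config lines that carry credentials or community strings.
SENSITIVE_RE = re.compile(
    r"^\s*(enable (secret|password)\b|username \S+ .*(password|secret)\b"
    r"|password\b|snmp-server community\b)"
)


def extract_running_config(log_text: str) -> list:
    """Return the config lines that follow the 'show run' prompt, up to the next
    prompt, without the 'Building configuration' / 'Current configuration' lines."""
    config, inside = [], False
    for line in log_text.splitlines():
        if not inside:
            inside = bool(PROMPT_RE.match(line)) and "show run" in line
            continue
        if PROMPT_RE.match(line):          # the next prompt ends the command output
            break
        if line.startswith(("Building configuration", "Current configuration")):
            continue
        config.append(line.rstrip())
    while config and not config[0].strip():   # trim blank lines at both ends
        config.pop(0)
    while config and not config[-1].strip():
        config.pop()
    return config


def find_sensitive_lines(config_lines) -> list:
    """Lines the log file now holds that must be protected like the config itself."""
    return [line for line in config_lines if SENSITIVE_RE.match(line)]


if __name__ == "__main__":
    cfg = extract_running_config(SAMPLE_LOG)
    print("\n".join(cfg))
    for hit in find_sensitive_lines(cfg):
        print("SENSITIVE:", hit)
```

Run it against a real PuTTY log by reading the file into `extract_running_config` instead of `SAMPLE_LOG`; the prompt pattern assumes the default IOS prompt shape (hostname then > or #), so adjust `PROMPT_RE` if the device uses a custom prompt.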
Thursday, November 26, 2015
Last Projects for Cisco 3
So I just finished my last two packet tracers for my Cisco 3 class. Presented, for all your wonderful glory, is a picture of my EIGRP capstone project.
Which I have to admit is about as complicated as some things I've designed for work, and are actually in operation. The fun thing about this one is I ended up setting up DHCP on every single one of those networks in there, so the end user connections are all DHCP assigned. The EIGRP portion wasn't that difficult. Mostly, it was just labor.
The interesting thing was in creating the ISP connection. Really, it's just a router with an assigned public IP. From there, I added a default route back towards the network I designed. It might have been more interesting to design the thing as a multiaccess network, but who cares. The system wanted a multiple location EIGRP network. So I used serial connections. And funny thing is, I've never had to set up a serial connection in real life. All Ethernet based. One was PPPOE, and that was a bit annoying to set up.
So now, all I have to do is study for the final and start working on the next book. In the process of taking over four stores. Isn't work fun?
Tuesday, September 15, 2015
Kitchen Table
It's formica, and it's my kitchen table. At least it doesn't look like it came from 1999. Maybe 1975.
Maybe I should spend more than 5 minutes on the background.
Or, I could go back to studying Scaling Networks.
Back to studying.
Sunday, July 5, 2015
post CCENT
I passed the CCENT. The score range was 300 to 1000, and passing was 803. I scored a 907. Hooray for me.
The test was copyrighted 2013. There was a lot of subnetting throughout. Not much IPv6. There was a four-question problem on OSPF. Another was on security settings. Which reminds me. I need to test one of the configurations they performed. Because I think I know the answer, but I don't know if I was correct or not.
I guess now on to something else. Back to studying the stuff I've been studying. I'm currently reading Simple Nature by Benjamin Crowell. After that, it's on to Mechanics and then my study of physics takes a temporary break.
Other stuff I'm currently reading include The Book of Five Rings by Miyamoto Musashi. After that one is finished, it's off to The Hacker Playbook by Peter Kim.
There's an entire list of books after that, but that collection will keep me good for several days.
Remember: people don't grow without intentional effort.
Monday, May 11, 2015
construction
Working on a site out of town. Learning many new things. The crash course in PPPOE was interesting.
Routing and Switching class final is tomorrow. Need to schedule the CCENT for about 2 weeks from then. That should give me enough time, without being too much time.
I think I've come to the conclusion that IPv6 will permanently be a WAN interface technology, while the world uses dual stack routers to NAT into IPv4 private addresses.
One bad tracert and a nefarious person could find your entire inner networking scheme. But that doesn't work if NAT is involved. The door shuts at the front door, and not somewhere inside. That's really the problem with globally routable IP addresses inside your network. If you don't have tracert blocked, you'll end up giving away your entire network structure.
It's not the "one shot, one kill" approach to network security. There isn't such a thing. There is only security in depth. Walls and trenches and gates and guards and ACLs and NAT and every other thing you can possibly throw between you and the outside world. Maybe some machine gun nests and razor wire, as well.
Friday, March 27, 2015
Pareto Principle in Action
My last experiment started as a practical examination of the Pareto principle, otherwise known as the 80/20 rule. I had been making straight B’s on my Routing and Switching tests, and I wanted to consistently improve them to A’s. In order to do that, I needed to know how much time I was spending getting that B.
So I changed my study habits slightly, and decided to keep track of time spent studying. I’d also read something about two competing South Pole expeditions. One ran as much as they could every day. Some days they didn’t go anywhere because the weather was bad. The other went 15 miles a day, regardless. They went 15 miles, and stopped for the day. So I decided to try that principle with studying. And the results were pretty remarkable.
I went from an average low B to a high A on the next test. Hooray for me. Anyway, this was the process.
Read any previous notes I had made.
Grab a highlighter, and read 15 pages, highlighting what I thought was important.
Copy those highlighted notes into my printed notes.
Quit for the day.
Return tomorrow.
In doing this process, I found it only took about an hour a day, so I really had more time to work on other things. Normally, I would have spent 3-4 hours straight on Saturday or Sunday reading and highlighting. Granted, chapter 7 took me 387 minutes to complete, but that only averaged 64 minutes per day. I have yet to take the test on that chapter, so I’m not yet sure how effective this process has been for that chapter. But I do know the previous chapter resulted in huge positive results.
I think I missed a lot of the main part of this that makes it so effective. The main effective part is that you study a little bit every single day. It’s not a brain destroying group done once or twice per week. It’s simply an hour per day, every single day. In that way, your brain doesn’t have time to stop thinking about what you have studied. On top of that, by the end you’ve read and reread your notes numerous times. Then, the information is more likely to stick.
We’ll see what happens with chapter 8. Though I have to admit, single area OSPF just doesn’t interest me that much.
Thursday, December 11, 2014
Introduction to Networks ch 6
Quiz
How does the network layer use the MTU value?
A) The MTU is passed to the network layer by the data link layer.
What are 2 functions that are provided by the network layer?
1) providing end devices with a unique network identifier
2) directing data packets to destination hosts on other networks
During the boot process, in what memory location will the router bootstrap program look for the IOS image if a TFTP server is not used?
A) flash
When transporting data from real-time applications, such as streaming audio and video, which field in the IPv6 header can be used to inform the routers and switches to maintain the same path for the packets in the same conversation?
A) Flow Label
Within a production network, what is the purpose of configuring a switch with a default gateway address?
A) The default gateway address is used to forward packets originating from the switch to remote networks.
Chapter 6 Notes
routing - communication between networks
Network Layer
Provides services to allow end devices to exchange data across the network
-OSI Layer 3
-4 basic processes
-Addressing (end devices)
end device with configured IP is called a host
-Encapsulation
Receives PDU from transport layer. Adds header. Now called a Packet
-Routing - services to direct packets to a destination host on another network
-each route the packet takes to reach the destination is called a hop
-De-encapsulation - process of removing headers from lower layers
Operates without knowing/caring about the data being carried
Media/Path is irrelevant. Satellite, wireless, cable modem, serial.. doesn't matter
Network Layer protocols
IPv4
IPv6
Characteristics of IP protocols
-low overhead
-connectionless
-best effort (unreliable)
-media independent
Connectionless - no dedicated end to end connection created before sending. Kind of like mail.
-send at any time
-unaware of the state of the recipient
-unaware if the receiver can understand the data
-no error correction
-no guarantee packets will arrive in order
Best Effort Delivery
can't recover from failed/corrupt packets
bad packets are dropped
trouble with transmission handled by upper layers if the layer desires
Media Independent
Data link layer responsible for transmitting over media.
maximum size packet that can be sent is the MTU (maximum transmission unit)
-data link layer passes the MTU value up to the network layer
-network layer uses information to determine packet size
-breaks packets to fit the MTU.
-Fragmentation is necessary to split packet size so it will fit on a device with a smaller MTU
IPv4 Packet
-In use since 1983
Packet has 2 parts
1) IP header
Significant portions of the header
-Version - packet version. Constant at 0100
-Differentiated Services (formerly Type of Service) - used for QoS. First 6 bits used for QoS; last 2 bits used to prevent dropping
-TTL (Time to Live) 8 bit value to limit the lifetime of the packet. Reduced at each hop. If hits 0, router discards packet and returns ICMP Time Exceeded message to the source IP address
-Protocol - indicates data payload
-Source IP address
-Destination IP address
2) Payload
Remaining fields of the IPv4 header
-Internet Header Length (IHL) - 4 bit value identifying the number of 32 bit words in the header
-total length - defines entire packet size, including header and data
-header checksum - used for error checking IP header. If values do not match, packet is discarded
If the packet is fragmented, other fields are used to keep track of the data
-Identification - unique identifier of a fragment
-flags - identifies how a packet is fragmented
-fragment offset - identifies the order in which to place the packet when it arrives at the destination
IPv6 packet
Limitations of IPv4
-IP address depletion - only 4 billion available IP addresses. Quickly running out due to always-on connections
-Internet Routing Table Expansion - more networks, more routes, more waiting
-Lack of end-to-end connectivity - Troublesome when NAT and PAT are used.
Encapsulating
-simplification of the IPv6 header
IPv4 had 20 octets and 12 basic header fields
IPv6 has 40 octets and 8 basic header fields
advantages over IPv4
-better routing efficiency for performance and forwarding rate
-no requirement for processing checksums
-simplified and more efficient extension header mechanisms
-flow label field for per-flow processing with no need to decapsulate to identify various traffic flows
IPv6 packet header
-Version - 4 bit binary. Always set to 0110
-Traffic Class - equivalent of the Differentiated Services field
-flow label - used to inform routers and switches to maintain the same path for packet flow so that packets are not reordered
-payload length
-next header - equivalent of the IPv4 protocol field. Indicates the data being carried
-hop limit
-source address
-destination address
IPv6 addresses
-128 bit address
-colons separate entries into a series of 16-bit hexadecimal blocks
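A parser for the two headers described in these notes, added here as an example; it is not part of the original notes. It unpacks the IPv4 fields listed above (version, IHL, the DS byte, total length, identification, flags and fragment offset, TTL, protocol, checksum, source and destination), verifies the header checksum the way a router does, applies the TTL and MTU rules from the Media Independent and IPv4 sections to decide forward / fragment / drop, and unpacks the 40-byte IPv6 fixed header (version, traffic class, flow label, payload length, next header, hop limit, addresses). The packets are built inline from documentation-range placeholder addresses; nothing is captured from a live network.

```python
import ipaddress
import struct


def ones_complement_sum(data: bytes) -> int:
    """Fold the 16-bit big-endian words of data into a one's-complement sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def build_ipv4(src, dst, ttl=64, proto=6, payload_len=0, ident=1, df=False):
    """Constructed 20-byte IPv4 header (IHL 5, no options) with a valid checksum."""
    flags_frag = 0x4000 if df else 0        # DF flag is bit 14; fragment offset 0
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + payload_len,
                         ident, flags_frag, ttl, proto, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    cksum = (~ones_complement_sum(header)) & 0xFFFF   # computed over a zeroed field
    return header[:10] + struct.pack("!H", cksum) + header[12:]


def parse_ipv4_header(pkt: bytes) -> dict:
    """Unpack the IPv4 header fields listed in the notes and verify the checksum."""
    if len(pkt) < 20:
        raise ValueError("IPv4 header is at least 20 bytes")
    version, ihl = pkt[0] >> 4, pkt[0] & 0x0F
    if version != 4:
        raise ValueError("version field is not 4")
    hlen = ihl * 4                          # IHL counts 32-bit words
    if hlen < 20 or len(pkt) < hlen:
        raise ValueError("bad IHL")
    total_length, ident, flags_frag = struct.unpack("!HHH", pkt[2:8])
    return {
        "version": version, "ihl_words": ihl,
        "dscp": pkt[1] >> 2, "ecn": pkt[1] & 0x3,          # the DS byte
        "total_length": total_length, "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,     # field is in 8-byte units
        "ttl": pkt[8], "protocol": pkt[9],
        "src": str(ipaddress.IPv4Address(bytes(pkt[12:16]))),
        "dst": str(ipaddress.IPv4Address(bytes(pkt[16:20]))),
        # with the stored checksum included, a correct header folds to 0xFFFF
        "checksum_ok": ones_complement_sum(bytes(pkt[:hlen])) == 0xFFFF,
    }


def router_forwarding_decision(pkt: bytes, egress_mtu: int) -> str:
    """The TTL and MTU rules from the notes, applied to an IPv4 packet that has to
    leave on an interface whose MTU is egress_mtu."""
    h = parse_ipv4_header(pkt)
    if not h["checksum_ok"]:
        return "drop: header checksum mismatch"
    if h["ttl"] <= 1:                       # decremented to 0 at this hop
        return "drop: TTL expired, ICMP Time Exceeded to " + h["src"]
    if h["total_length"] > egress_mtu:
        if h["df"]:
            return "drop: DF set, ICMP Fragmentation Needed to " + h["src"]
        return "fragment: packet exceeds MTU %d" % egress_mtu
    return "forward"


def build_ipv6(src, dst, payload_len=0, next_header=17, hop_limit=64,
               flow_label=0, traffic_class=0):
    """Constructed 40-byte IPv6 fixed header."""
    first_word = (6 << 28) | (traffic_class << 20) | (flow_label & 0xFFFFF)
    return (struct.pack("!IHBB", first_word, payload_len, next_header, hop_limit)
            + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed)


def parse_ipv6_header(pkt: bytes) -> dict:
    """Unpack the eight IPv6 fixed-header fields listed in the notes."""
    if len(pkt) < 40:
        raise ValueError("IPv6 fixed header is 40 bytes")
    first_word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if first_word >> 28 != 6:
        raise ValueError("version field is not 6")
    return {
        "version": 6,
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,         # plays the part of the IPv4 protocol field
        "hop_limit": hop_limit,             # plays the part of TTL; there is no checksum
        "src": ipaddress.IPv6Address(bytes(pkt[8:24])).compressed,
        "dst": ipaddress.IPv6Address(bytes(pkt[24:40])).compressed,
    }


if __name__ == "__main__":                  # placeholder documentation addresses
    pkt4 = build_ipv4("192.0.2.1", "198.51.100.7", payload_len=100)
    print(parse_ipv4_header(pkt4), router_forwarding_decision(pkt4, 1500))
    print(parse_ipv6_header(build_ipv6("2001:db8::1", "2001:db8::2", flow_label=0xABCDE)))
```

The checksum check is the detail worth noticing: a router recomputes it on every hop (because it decrements TTL and must rewrite the field), which is exactly why IPv6 dropped the field and the "no requirement for processing checksums" advantage appears in the notes.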
Routing
How a host routes
Host forwarding decision
hosts can send a packet to ...
-itself
-local host
-remote host
local host vs remote host is based on IP address and subnet mask comparison between sender and receiver
devices beyond the local network segment referred to as remote hosts
Default Gateway
the device that routes traffic from the local network to devices on remote networks
if a host is sending to remote network, it sends to default gateway
default gateway maintains a routing table
-data file in RAM that stores route information from directly connected networks
-also knows remote networks the device has learned
host must maintain a local routing table to ensure proper delivery
hosts routing table typically contains of...
-direct connection
-local network route
-local default route
default route only used to connect outside of the local network
IPv4 routing
If a host wants to send a packet inside the local network
1) consult the IPv4 route table
2) match the destination IP address and identify it as being in the same network
3) send the packet using the local interface
If a host wants to send a packet outside the local network
1) consult the IPv4 route table
2) find there is no exact match for the destination IP address
3) choose the local default route to pick the forwarding location
4) send the packet to the gateway using the local interface
IPv6 routing
View routing table in Windows with netstat -r or route print
If - lists the interface numbers from the interface list
metric - lists the cost of each route to a destination. Lower numbers are preferred routes
network destination - lists the reachable networks
gateway - lists the address used by the local host to forward outside the network
::/0 - IPv6 equivalent of the local default route
::1/128 - IPv6 equivalent of the loop back address
200::/32 - global unicast network prefix
fe80::/64 link-local network route; represents all computers in the local network
ff00::/8 multicast address
no broadcast addresses in IPv6
Router Routing Tables
routers store information about
directly connected routes
-known from interfaces physically plugged into the router
remote routes
-routes that come from other routers.
-manually configured or dynamically configured through the device learning from other routers
routing table of a router
-destination network
-metric associated with the destination
-gateway to get to the destination
show ip route
when a packet arrives at the router, the router examines the routing table. if the destination network matches a route in the routing table, the router forwards the packet to that route
if multiple paths to the same location, then lowest metric wins
directly connected routing table entries
routers have 2 routes after an IP address is assigned to an interface
route source: - how the route was learned
C: directly connected
L - local route
Destination network and how reached
identifies the address of the network and how a packet can reach the destination
outgoing interface
what interface is used to connect to that network
routers generally have multiple interfaces configured
common codes for remote networks
-S: route was manually created by an admin. Static route
-D: learned dynamically using EIGRP
-O: learned dynamically using OSPF
remote network routing table entries
route source- how the route was learned
destination network - the address of the remote network
administrative distance - trustworthiness of the route source
metric - value assigned to reach the remote network. Lower wins
next hop - ip address of the next router to forward packets to
route timestamp - when the route was last heard from
outgoing interface - physical interface to forward a packet
next hop address
address of the device that will process the packet next.
packets can not be forwarded by the router without a route for the destination network.
if no route, packet is dropped
router can be configured with a gateway of last resort if the destination is unknown
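The host forwarding decision (itself, local host, remote host) and the router lookup (route source, administrative distance, metric, next hop, gateway of last resort) from the two sections above, as one added Python example that is not part of the original notes. The lookup goes beyond the notes' "lowest metric wins" rule by applying the order a router actually uses: longest prefix match first, then lowest administrative distance, then lowest metric; a packet with no matching route and no default route is dropped. The routing table is constructed from documentation and private addresses, and the administrative distance values are the defaults for the route codes listed in the notes.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Default administrative distances for the route source codes in the notes.
ADMIN_DISTANCE = {"C": 0, "L": 0, "S": 1, "D": 90, "O": 110}


@dataclass
class Route:
    source: str                         # route source code: C, L, S, D, O
    network: ipaddress.IPv4Network      # destination network
    interface: str                      # outgoing interface
    next_hop: Optional[str] = None      # None for directly connected / local routes
    metric: int = 0

    @property
    def admin_distance(self) -> int:
        return ADMIN_DISTANCE[self.source]

    def __str__(self) -> str:
        """Roughly the 'show ip route' line: code, network, [AD/metric], next hop."""
        via = f" via {self.next_hop}" if self.next_hop else " is directly connected"
        return f"{self.source:<2} {self.network} [{self.admin_distance}/{self.metric}]{via}, {self.interface}"


def host_forwarding(host_ip: str, mask: str, dst: str, default_gateway: str) -> Tuple[str, str]:
    """Host decision from the notes: itself, a local host (deliver directly) or a
    remote host (hand the packet to the default gateway)."""
    local = ipaddress.ip_interface(f"{host_ip}/{mask}").network
    target = ipaddress.ip_address(dst)
    if target == ipaddress.ip_address(host_ip):
        return ("itself", host_ip)
    if target in local:
        return ("local", dst)
    return ("remote", default_gateway)


def lookup(table: List[Route], dst: str) -> Optional[Route]:
    """Router lookup: longest prefix first, then lowest administrative distance,
    then lowest metric. None means no route matched (not even a gateway of last
    resort), so the packet is dropped."""
    target = ipaddress.ip_address(dst)
    matches = [r for r in table if target in r.network]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r.network.prefixlen, r.admin_distance, r.metric))


def forward(table: List[Route], dst: str) -> str:
    """Where a packet for dst goes next, as a one-line explanation."""
    route = lookup(table, dst)
    if route is None:
        return f"drop: no route to {dst}"
    hop = route.next_hop or dst             # directly connected: deliver to dst itself
    return f"{dst} -> {hop} out {route.interface}"


N = ipaddress.ip_network
# Constructed routing table (documentation and private addresses).
SAMPLE_TABLE = [
    Route("C", N("192.168.1.0/24"), "GigabitEthernet0/0"),
    Route("L", N("192.168.1.1/32"), "GigabitEthernet0/0"),
    Route("D", N("10.0.0.0/8"), "GigabitEthernet0/1", next_hop="192.168.2.2", metric=30720),
    Route("O", N("10.1.0.0/16"), "Serial0/0/0", next_hop="192.168.3.2", metric=20),
    Route("O", N("10.1.0.0/16"), "Serial0/0/1", next_hop="192.168.3.6", metric=30),
    Route("S", N("0.0.0.0/0"), "GigabitEthernet0/2", next_hop="203.0.113.1"),  # gateway of last resort
]

if __name__ == "__main__":
    for r in SAMPLE_TABLE:
        print(r)
    for dst in ("192.168.1.50", "10.1.5.5", "10.2.0.1", "198.51.100.9"):
        print(forward(SAMPLE_TABLE, dst))
    print(host_forwarding("192.168.1.10", "255.255.255.0", "172.16.0.5", "192.168.1.1"))
```

The two OSPF entries for 10.1.0.0/16 show the metric tie-break from the notes; adding a static route for the same prefix shows why a static route (AD 1) silently overrides what OSPF learned (AD 110), which is worth remembering when a "temporary" static route is left behind after troubleshooting.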
Routers -
a router is a computer
branch - small business, medium business, teleworkers
WAN - large business
Service provider - large service providers
router CPU and OS
Router memory
RAM - store applications and process including
-IOS - copied during bootup
-running config
-ip routing table
-ARP cache
-packet buffer
routers use DRAM
volatile memory and requires continual power to maintain information
all content lost when powered down
ROM
used to store:
-bootup instruction
-basic diagnostic software
-limited IOS
firmware embedded on an integrated circuit inside the router
doesn't lose contents when powered down
NVRAM
used as permanent storage for the startup config file
doesn't lose contents when powered off
flash
used as permanent storage for IOS and system-related files
router backplane
has the following connections
-console ports
-aux port
-LAN interfaces
-Enhanced high-speed WAN interface card (EHWIC) slot
modular enhancement slot. Different interface, different card
connecting to a router
routers interconnect many devices
connections grouped into two categories
management ports - used to configure/manage/troubleshoot. not used for packet forwarding
in-band router interfaces - LAN and WAN interfaces configured with IP addressing to carry traffic
two interfaces can't belong to the same network
router bootup
bootset files - loaded into RAM when booted
-IOS image file
-start config file
router bootup process
1) perform POST and load the bootstrap program
2) locate and load the Cisco IOS software
3) locate and load the startup config file or enter setup mode
locating/loading config file
can be saved in NVRAM.
if not, can be loaded from a TFTP server
show version
CPU and amount of RAM
some versions write the amount of ram with XXXX/YYYY. add those two numbers together
config register shows as 0x2102. Changing it to another value is used for password recovery
general config steps
1)give hostname
2) set passwords
-enable
-console
-VTY
-use service password-encryption to encrypt password
3) setup a banner motd
4) exit config
5) save configuration
configuring interfaces
1) conf t
2) interface whatever
3) ip address xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy where x is IP address, y is subnet mask
4) description blah
5) no shutdown
6) exit config
7) save
verify interface configuration
show ip interface brief
show ip route
show interfaces
show ip interface
default gateway on a switch
1) interface blah
2) ip address xxx yyy (x is IP, y is subnet)
3) no shutdown
4) ip default-gateway xxx.xxx.xxx.xxx (x is IP address)
IP address on a switch is only used to manage the switch
if you want it accessible from anywhere, it needs a default gateway
Tuesday, December 2, 2014
Changing passwords... and Eclipse
Want to figure out how much you know about a system? Change a password. Sounds stupid, but automation is often set up under a single user account. In a large company (I'm hoping) you find that only one password affects one process.
In a small company you will run into craziness. But I would encourage you to change passwords, even ones where you don't have a great deal of information on what happens when the password changes.
If anything, it becomes a good time to write documentation. Let's face it, you are supposed to have documentation on everything you do anyways. Password changes are no different. If you have built the infrastructure properly, then a password change should only affect one device or service. That may seem like a lot of passwords. It is.
But if you aren't willing to put effort into security, you won't have any.
Moving on…
And Eclipsing we will go…
I took my final today, and I don't have any site upgrades planned until January, so I think it's time to get the mobile apps I have built in my head tested and running. That means breaking several things I would normally use at work.
But I suppose that will have to work.
Wednesday, November 26, 2014
Introduction to Networks (non-technical)
Rather than post my typical notes from a CCNA course, I figured I'd post a non-technical description of how networks "work". I'm going to preface this by saying this is an "allegory" of TCP/IP layer 3. This is not intended to be definitive.
So...
You have built a company. It's a great company. But no one can ever find your physical location. You live on a drab, grey, boring street. Did I mention grey? I meant every single building is nothing but grey concrete, and the streets are bleached grey. It is grey as far as the eye can see.
So, being the great business leader you are, you go out and buy a bucket of purple paint. Now, purple paint is the greatest thing since sliced bread. And because it's the greatest thing since sliced bread, it costs an arm and a leg. To get the shade of purple you want, you buy one can of paint. It covers the outside of the door well, but nothing else.
So, from the outside your door looks purple. But that paint is so darn expensive, you only paint the outside. The inside of the door is still brown.
So, a customer comes to visit.
You tell him to drive down the grey street until he sees a purple door. He finds your location in minutes. It's easy.
Back in your office, you have a discussion, and he thinks he is going to buy from you. But he needs to talk to a few people to determine how much he wants to buy. And he forgot how to get out of the building.
"Oh, just go out the purple door", you tell your customer.
The man spends 45 minutes wandering your halls, and finally finds you. He curses you out, cancelling all potential business. You are at a complete loss. The customer can't find the purple door.
The one thing you forgot is that doors have two sides. One side that is visible from the street, and one side that is only visible from the inside of the building. You painted your street door purple. It's easy to find. But your exit door on your building? Still just as brown as it ever was. So telling someone to go find a purple door is an exercise in futility.
You have to name the door based off which side you happen to be looking at.
Even though both talk about the same thing, it's a matter of which side of the door you are on. And you have to have your discussion based on which side of the door you can see.
Monday, November 24, 2014
Monday Ramblings
Here are some ramblings for Monday.
The subcontract work fell through. I spent about 45 minutes on the phone explaining how TCP/IP layer 3 works, and finally got them to know what they needed to know. I guess a broad knowledge of networking helps a lot when working in an industry that is increasingly network based. It doesn't help that most networking issues happen at layer 1. The issue there was a layer 3 addressing issue. Pictures don't help some people.
After messing with my current reading chart, I determined it will take me (on average) until January 17th to finish the next book. Strange what a few Excel formulas can do. It's almost magical. The formula here happens to be
(today's date + (estimated remaining sessions * average days between reading))
estimated remaining sessions = (total pages - current page ) / average increase in page count
So, by close to February I'll be back into an old Security+ book. Some time after that, I'll be into the book on Physics. Progress, as it were, is happening. After starting over with the Active Directory book, I'm about 12.7% complete with my reading goal. That doesn't seem like much, but it is more progress than I've made in years.
It's hard to remember that progress only happens when it is intentional. Rambling through life will not get you where you want to go. Make a plan, and go there. That's the only way to get to the end of the path. And if that path takes reading 5,200 pages, then so be it. At least you've got a plan, which is a lot more than most people have.
Finals are next Monday, so I'll finish up Introduction to Networking then and be free for a few weeks. Fighting issues with the next class, but we'll see what happens with that. The issue is a supply/demand problem. The next class filled up in three days. Every other class doesn't have the people that the one section I want to take does. Lovely stuff.
Wednesday, November 12, 2014
Introduction to Network chapter 5: Ethernet
Ethernet operates at the data link and physical layers
Ethernet most widely used LAN technology
defined by IEEE 802.2 and 802.3
speeds between 10 and 100,000 Mb/s
802.2 - LLC
802.3 - MAC and Physical layers
LLC sublayer
handles communication between upper and lower layers
between networking software and device hardware
implemented in software
considered driver software
MAC sublayer
lower sublayer of data link layer
2 responsibilities
data encapsulation
media access control
data encapsulation
frame assembly before transmission
frame disassembly upon reception
adds header and trailer to network layer pdu
data encapsulation has 3 primary functions
frame delimiting
used to identify groups of bits that make up a frame
provides synchronization between transmitting and receiving nodes
addressing
contains physical address
Error detection
contains a CRC value used to determine if the contents have changed
media access control
responsible for placement of frames on the media (wire)
removal of frames from the media
underlying logical topology is a multiaccess bus
all nodes in a network segment share the medium
uses CSMA
understanding CSMA
1) detect if there is a signal on the media
a) if busy, wait
2) if no signal, transmit
if there is a collision, all data is bad and must be resent
contention-based methods have less overhead than controlled access systems
do not scale well with heavy media use
CSMA/CD
widespread use of switched networks makes CSMA/CD largely unneeded
CSMA/CA in wireless still needed
Every device receives every frame
To keep every device from processing frames not intended for it, MAC addressing was created.
MAC used to identify which device should process a frame
MAC address structure
1st 24 bits / 6 hex digits - Organizationally Unique Identifier (OUI)
Last 24 bits/ 6 hex digits - Vendor assigned
1) Source computer sends
2) each NIC in the network views the information
a) if the destination MAC matches, then the frame is processed further
b) if not, the frame is dropped
Ethernet Frame Attributes
created in 1973
2 primary versions
-802.3 Ethernet Standard
-DIX Ethernet, or Ethernet II; used in TCP/IP networks
framing style differences are minimal
both define minimum frame size as 64 bytes
max 1518
preamble/Start Frame Delimiter not included when describing frame size
any frame less than 64 bytes is discarded as a "runt"
VLAN technology increased maximum frame size to 1522
frame too big or too small, frame is dropped
Ethernet Frame
-preamble and SFD - synchronization between sender and receiver
-Destination MAC
-Source MAC
-Length Field - exact length of the frame's data field; can indicate which higher-layer protocol is used;
-if the value is greater than 1536, the field is an EtherType naming the upper-layer protocol (Ethernet II)
-if 1500 or less, the field is a length and the 802.3 frame format is in use
-data field - contains encapsulated layer 3 pdu
-frame check sequence - used to detect errors
In Ethernet, different MAC addresses used for layer 2 unicast, broadcast, and multicast communications
Unicast -destination MAC of receiver
Broadcast - destination MAC of FFFF.FFFF.FFFF
Multicast - destination MAC begins with 01-00-5E (IPv4 multicast)
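As an added example (not code from these notes or from any Cisco material), a Python parser for the frame attributes above, run on a constructed broadcast ARP frame: it applies the runt/giant limits (64, 1518, or 1522 with a VLAN tag), checks the FCS with CRC-32 the way a NIC would, reads the Length/Type field as an EtherType at 1536 or above and as an 802.3 length otherwise, splits out the OUI, and classifies the destination as unicast, broadcast or multicast. The `build_frame` helper and the sample frame are constructed for the example.

```python
import struct
import zlib

MIN_FRAME = 64           # anything shorter is a "runt" and is discarded
MAX_FRAME = 1518         # untagged maximum
MAX_FRAME_TAGGED = 1522  # an 802.1Q VLAN tag adds 4 bytes
ETHERTYPE_MIN = 1536     # Length/Type field >= 1536 means EtherType (Ethernet II)
VLAN_TPID = 0x8100
BROADCAST = bytes.fromhex("ffffffffffff")
IPV4_MCAST_PREFIX = bytes.fromhex("01005e")

def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def classify_dst(dst: bytes) -> str:
    if dst == BROADCAST:
        return "broadcast"
    if dst[:3] == IPV4_MCAST_PREFIX:
        return "multicast"
    return "unicast"

def parse_frame(frame: bytes) -> dict:
    """Parse a raw frame (destination MAC through FCS; preamble/SFD not counted).
    Raises ValueError for what a NIC drops: runts, giants and FCS mismatches."""
    tagged = len(frame) >= 14 and struct.unpack("!H", frame[12:14])[0] == VLAN_TPID
    if len(frame) < MIN_FRAME:
        raise ValueError(f"runt frame: {len(frame)} bytes")
    if len(frame) > (MAX_FRAME_TAGGED if tagged else MAX_FRAME):
        raise ValueError(f"giant frame: {len(frame)} bytes")
    body, fcs = frame[:-4], frame[-4:]
    # Ethernet FCS is CRC-32 over dst..payload, sent least significant byte first
    if zlib.crc32(body) != struct.unpack("<I", fcs)[0]:
        raise ValueError("FCS mismatch: frame changed in transit")
    dst, src = body[:6], body[6:12]
    offset = 16 if tagged else 12
    length_or_type = struct.unpack("!H", body[offset:offset + 2])[0]
    if length_or_type >= ETHERTYPE_MIN:
        fmt, ethertype, length = "Ethernet II", length_or_type, None
    else:
        fmt, ethertype, length = "802.3", None, length_or_type
    return {"format": fmt, "ethertype": ethertype, "length": length, "vlan_tagged": tagged,
            "dst": mac_str(dst), "dst_kind": classify_dst(dst),
            "src": mac_str(src), "src_oui": mac_str(src[:3]), "payload": body[offset + 2:]}

def is_valid_frame(frame: bytes) -> bool:
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Constructed helper: pad the payload to the 46-byte minimum, append the FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))

# Constructed sample: a broadcast ARP request (EtherType 0x0806), 64 bytes on the wire
SAMPLE_ARP_FRAME = build_frame(BROADCAST, bytes.fromhex("001b21000001"), 0x0806, b"\x00\x01\x08\x00")
```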
MAC and IP
2 primary addresses assigned to a host
Physical Address - MAC
Logical Address - IP
Source device sends based on IP address
DNS used to identify remote network
ARP protocol has 2 basic functions
-resolving IPv4 addresses to MAC addresses
-maintaining a table of mappings
Frame must have destination address to be placed on the media (wire)
the host refers to its ARP table (ARP cache), stored in RAM on all devices
Each entry binds a MAC with an IP
table maintained dynamically
-adds information by
-monitoring network
-ARP request - L2 broadcast to all devices on the LAN
-entries are time stamped; if the system doesn't hear from that host before the time stamp expires, the entry is removed
-also capable of static entries
ARP to remote network
-when host creates a packet for a destination, it compares destination IP address to its own IP address to determine if they are both on the same network.
-if not the same network, then ARP to router interface serving as the gateway
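As an added example (not from these notes), a Python model of the host-side ARP table described above, with time-stamped dynamic entries that expire, static entries that do not, and the local-versus-remote decision: the host ARPs for the destination itself when it is on the same network, and for the default gateway's interface when it is not. The timeout value, addresses and injectable clock are constructed for the example.

```python
import ipaddress
import time

ARP_TIMEOUT = 240.0  # seconds an unused dynamic entry survives (constructed; real timers vary by OS)

class ArpCache:
    """Host ARP table: IP -> MAC, dynamic entries with time stamps,
    static entries that never expire, and the same-network test."""

    def __init__(self, own_ip: str, netmask: str, gateway: str, now=time.monotonic):
        # ip_interface accepts "address/netmask" in dotted form
        self.iface = ipaddress.ip_interface(f"{own_ip}/{netmask}")
        self.gateway = ipaddress.ip_address(gateway)
        self.now = now                      # clock, injectable for testing
        self._entries = {}                  # ip -> (mac, timestamp or None if static)

    def add_static(self, ip: str, mac: str) -> None:
        self._entries[ipaddress.ip_address(ip)] = (mac, None)

    def learn(self, ip: str, mac: str) -> None:
        """Called when an ARP reply (or any frame from that host) is seen."""
        self._entries[ipaddress.ip_address(ip)] = (mac, self.now())

    def expire(self) -> int:
        """Drop dynamic entries whose time stamp has lapsed; return how many."""
        cutoff = self.now() - ARP_TIMEOUT
        stale = [ip for ip, (_, ts) in self._entries.items() if ts is not None and ts < cutoff]
        for ip in stale:
            del self._entries[ip]
        return len(stale)

    def arp_target(self, dst_ip: str) -> ipaddress.IPv4Address:
        """Which IP to resolve for a packet to dst_ip: the destination if it is
        on our own network, otherwise the router interface serving as gateway."""
        dst = ipaddress.ip_address(dst_ip)
        return dst if dst in self.iface.network else self.gateway

    def resolve(self, dst_ip: str):
        """Return (target_ip, mac_or_None). None means an ARP request
        (an L2 broadcast) must go out before the frame can be sent."""
        self.expire()
        target = self.arp_target(dst_ip)
        entry = self._entries.get(target)
        return target, (entry[0] if entry else None)
```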
ARP issues
overhead on the media
-could initially flood the network
security - ARP spoofing or ARP poisoning
-broadcast and security issues can be mitigated with modern switches
-switches segment LAN into independent collision domains
-switches send to only sender and receiver, reducing traffic flows
Switching
devices usually connected by a layer 2 switch
switch builds MAC table to make forwarding decisions
if destination MAC is not known, switch sends the frame out all port except receiving port
when destination responds, switch adds MAC to its MAC table
-capable of multiple MACs per port (switch connected to a switch)
switch MAC table sometimes referred to as CAM (content addressable memory)
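As an added example (not from these notes or from any Cisco code), a Python model of the learning and forwarding behaviour above: the source MAC is learned on the ingress port, unknown destinations and broadcasts are flooded out every port but the one the frame arrived on, and once the destination answers the reply goes out one port only. The port names and MACs are constructed.

```python
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"

class Switch:
    """Learning switch: learn the source MAC on the ingress port, forward known
    destinations out that one port, flood unknown destinations and broadcasts
    out every port except the one the frame arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC -> port; the "CAM table" of the notes

    def receive(self, ingress: str, src_mac: str, dst_mac: str) -> list:
        """Return the ports the frame is sent out of (possibly none)."""
        self.mac_table[src_mac] = ingress  # learn, or re-learn if the host moved
        if dst_mac == BROADCAST_MAC or dst_mac not in self.mac_table:
            return [p for p in self.ports if p != ingress]
        egress = self.mac_table[dst_mac]
        # destination is on the segment the frame came from: filter, do not forward
        return [] if egress == ingress else [egress]

    def macs_on_port(self, port: str) -> list:
        """Several MACs on one port is normal when another switch hangs off it."""
        return sorted(m for m, p in self.mac_table.items() if p == port)

def arp_exchange(sw: Switch, a_port: str, a_mac: str, b_port: str, b_mac: str):
    """The sequence from the notes: A's broadcast request is flooded and A is
    learned; B's unicast reply is learned too and goes straight to A's port."""
    flooded = sw.receive(a_port, a_mac, BROADCAST_MAC)
    replied = sw.receive(b_port, b_mac, a_mac)
    return flooded, replied
```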
-transparent to network protocols and user applications
-can operate in different modes that affect the end user
-duplex settings
-half duplex - only one side talks at a time
-full duplex - send and receive at the same time; CSMA/CD shut off in this case
-Cisco Catalyst supports 3 duplex settings
-half
-full
-auto
-proper cabling also required (or used to be)
-MDIX auto function
automatic medium-dependent interface crossover (auto-MDIX)
switches use following forwarding methods
-store and forward
get the entire frame before forwarding
use CRC to determine if it needs to dump frame
analyzes destination for where to forward
required for QoS analysis
-cut-through
holds frame until it gets destination address, then forwards
no error checking
faster than store and forward, but can send broken frames
2 variations to cut-through
-fast-forward
offers lowest level of latency
typical of cut-through switching
-fragment free
reads first 64 bytes before forwarding (most errors occur in first 64 bytes)
switches use buffering techniques
port-based memory buffering
frames are stored in queues that are linked to specific incoming and outgoing ports
delay occurs if there is nothing transmitting on other ports and buffer is full
shared memory buffer
frames are stored in a common buffer shared by all ports
useful for asymmetric switching
Fixed or Modular switches
PoE allows power to be sent to devices
forwarding rate defines how many frames the switch can process in a second
stackable vs non-stackable
modular configurations - add more cards
Small form-factor pluggable (ports that can be purchased and easily changed out on each switch)
Layer 3 switch
capable of performing layer 3 routing as opposed to the standard switch that just handles layer 2
support Cisco Express Forwarding (CEF)
complex, but based on
Forwarding Information Base
conceptually similar to the routing table
Adjacency table
maintains layer 2 next-hop addresses for all FIB entries
separation provides benefits
-adjacency table can be built separately from the FIB table
-MAC header rewrite used to forward a packet is not stored in cache entries
layer 3 switch variants
Switch virtual interface (SVI)
logical interface on a switch associated with a VLAN
Routed port
physical port on an L3 switch configured to act as a router port
allow L3 switch to act as a router
not associated with a particular vlan
L3 interface only and does not support L2 protocol
no switchport interface configuration command
Layer 3 EtherChannel
logical interface on a Cisco device associated with a bundle of routed ports