Topic 1 Requirements and technologies

Client requirements for internet connection

 Costs are a major factor i.e. is it affordable?
 Performance
o Must be fast enough to meet business needs
 Installation and help
o if installation is slow then it can cost the business time and money.
 Communication
o must be able to communicate with outside users
 Security
o must be secure to maintain network stability, and safety of files.
 internet services
o access to the internet, communicating with foreign users on foreign LANS, illegally
downloading movies, going on chat roulette etc
 internet service providers
o those who give you access to the internet.
 infrastructure components
o taking a guess but cabling, routing, location of gateways etc
 specifications
o to meet he business needs? :S
 current technologies –
o Ethernet 10, 100,
o 1000 Mbits/sec,
o 10G Ethernet 10Gb/s,
o Token ring 4 or 16Mb/s,
o FDDI 100Mb/s Highly reliable network backbone,
o ATM 155Mb/s Expensive & specialized,
o WLAN 11Mb/s WiFi
 connection types: dialup, DSL, cable, satellite, wireless.
 ISPs: services, evaluation, selection

Topic 2 TCP/IP, addressing and subnetting

TCP/IP Protocols and Utilities

 TCP/IP layers and main protocols – top to bottom (in reference to the TCP/IP Model?)
o Application
o Transport
o Internet
o Network Access

Protocols (at least in the application layer, might ask questions specific to some layers)
 Domain Name Service Protocol (DNS) is used to resolve Internet names to IP addresses.
 Hypertext Transfer Protocol (HTTP) is used to transfer files that make up the Web pages of the
World Wide Web.
 Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail messages and attachments.
 Telnet, a terminal emulation protocol, is used to provide remote access to servers and networking
devices.
 File Transfer Protocol (FTP) is used for interactive file transfer between systems.
 Encapsulation – the wrapping of data in a particular protocol header
 Header – The informational data at the beginning of a data block that devices use to process the
datagram
 Data – umm packets? lol

 Application layer: user apps eg

o telnet – enables remote connection of a host to device
o ftp - used to exchange and manipulate files over a TCP/IP-based network
o service protocols
 http – method used to transfer or convey information on the WWW
 smtp – protocol for e-mail transmission across the internet
o utilities
 ping – Tests connectivity between devices
 traceroute – Show the path in real-time from the source device to the destination
 nslookup – checks information on DNS
 TCP and UDP ports and port numbers
o Registered
TCP
 8008 HTTP
 8080 HTTP
 2000 VOIP
o UDP
 1812 RADIUS Authentication
 5004 RTP
 5060 SIP
o Well known
TCP
 21 FTP
 23 Telnet
 25 SMTP
 80 HTTP
 110 POP3
 194 IRC
 443 Secure HTTP (HTTPS)
o UDP
 69 TFTP
 520 RIP

 TCP fields:
o ?
 source port, destination port, sequence number, acknowledglement number, flags etc
 TCP flags field: ACK, SYN etc
Three way handshake
o SYN packet from sender
o SYN+ACK from receiver
o ACK from sender
o Sequence numbers to reassemble packets in correct order
 TCP three-way handshake, sequencing, flow control
o Above
 Port numbering, well-known ports, registererd ports, private/dynamic ports
o Used above
 UDP: differences from TCP, examples eg dhcp
 TCP is a connection-oriented protocol, a connection can be made from client to server, and
from then on any data can be sent along that connection.
o Reliable – Once you have sent a message you will receive another message saying whether
the message has been delivered properly, otherwise the server will send you a message
back saying failed or it re-request the lost parts.
o Ordered – Data will always be ordered. Users don’t have to worry about message being
received in the wrong order.
o Heavyweight – Has to always resend requests, and put back sequence parts
together...requires a lot more work than UDP
 UDP uses simpler message-based connectionless protocol. With UDP you send messages(packets)
across the network in chunks.
o Unreliable - When you send a message, you don't know if it'll get there, it could get lost on
the way.
o Not ordered - If you send two messages out, you don't know what order they'll arrive in.
o Lightweight - No ordering of messages, no tracking connections, etc. NIC and OS has less to
do
 Socket = IP address + port number
 Network layer: encapsulation, physical addressing, eg ethernet, token ring, isdn
o Encapsulation – wrapping of data in a particular protocol header
o Physical addressing – used on Ethernet, the 48-bit destination Ethernet address in a packet
is compared with the receiving node's Ethernet address.
 IP: addressing, routing, fragmentation, upper layer delivery
o Routing – process of finding the destination host
o Fragmentation – involves the fragmentation of IP datagrams in order to meet MTU
requirements of a layer 2 process.
o Upper level delivery - ?
 ICMP: purpose, packet format, services, utilities, security issues
o Purpose – reports errors and provides other information relevant to IP packet processing
o Format – bytes
o Services – ???
o Utilities – Ping
o Security issues - ???
 ARP: purpose, ethernet/mac address, relationship to network and internet layers, ethernet frame
format, arp packet format, how arp works, arp cache
o Arp maps MAC address to IP addresses
 o Purpose is to find hosts hardware addresses when only its network layer address is known.
o Works by broadcast
o all NIC’s listen
o only the matching IP replies with MAC
o arp cache is all the ip’s it has contacted. Hence storing them.
 To view the cache run the command arp –a
o
 Networking files: eg /etc/hosts, /etc/services, /etc/protocols, /etc/sysconfig/network-scripts/ifcfg-
eth0, /etc/resolv.conf, /etc/nsswitch.conf
 Networking commands: eg dmesg, ifconfig, ping, arp, netstat, nslookup, dig, host, traceroute,
tcpdump, dhclient, setup, netconfig
o Dmesg – Displays the system control messages from the kernel ring buffer. This buffer stores
all messages since the last system boot, or the most recent ones if the buffer has been filled.
o Ifconfig – TCP/IP command. Describes IP information of a network adapter i.e. eth0, eth1,
eth2. Shows IP’s subnet masks
o Ping – tests connectivity between computers
o Arp – maps all MAC addresses to IP’s
o Netstat – Show’s network status. Can print, information on active sockets, routing tables,
interfaces, masquerade connections, or multicast memberships.
o Nslookup – Queries DNS
o Dig – replaces nslookup
o Host – equivalent to dig
o Traceroute – Traces the route taken by packets to reach network host. Uses UDP probe
packets with a TTL, then listens for an ICMP “time exceeded” reply from the gateway.
Usually 30 hops but can be changed.
o Tcpdump – Dumps headers and packets of network traffic that match expression
 Expression can be;
 Direction –src, dst, src or dst
 Protocol – ether, fddi, tr, wlan, ip, ip6, arp, rarp, decnet, tcp, and udp
 Type – host (hostname), net (ipaddress), port (port number)
o Dhclient – provides a means for configuring one or more network interfaces using the
Dynamic Host Configuration Protocol, BOOTP protocol
o Setup – ???
o Netconfig – A text-based tool for simple configuration of ethernet devices.
 Use netstat to list listening ports, connections, port numbers, distinguish well-known (server-end)
ports from dynamic (client-end) ports
o Netstat –a
o Netstat –an
o Netstat –g
o etc
 Services file, format
 Demonstration of arp, arp cache
o Use ARP -a
 Ping, icmp, demonstrate type and code fields for echo request and echo reply
 Use netstat to display open ports, TCP connections, protocol statistics, local route table
 Use nmap (port scanner) to display open ports
IP Addressing

 Number of bits, octets, bit weight, Binary / Decimal conversion

o Cisco stuff
 The purpose and details of Classes A, B, C, D and E, including initial bit prefix and the use of the
{NetID, HostID} generic format
 Decimal ranges for the first octets of the the Classes A, B, C and D
o Class A     0.0.0.0 127.255.255.255
o Class B     128.0.0.0 191.255.255.255
o Class C     192.0.0.0 223.255.255.255
o Class D 224.0.0.0 239.255.255.255

 Address types: unicast, multicast, broadcast

o Broadcast – transmitting a packet that will be received by every device on the network
o Unicast – the sending of information packets to a single destination
o Multicast – delivery of information to a group of destinations simultaneously using the
most efficient strategy to deliver messages over each link of the network only once and
only create copies when the links to the destinations split.
 The format and significance of special addresses: loopback, cable/segment/network , broadcast
o Loopback – 127.0.0.1 for ipv4
o Cable/segment/network – ????
o Broadcast – format is binary and/or decimal
 Private addressing: purpose and specific ranges

Subnetting

 purposes of subnetting
 default subnet masks for class A, B and C addresses
 subnet mask in traditional and CIDR (classless internet domain routing) notation
 calculate the number of bits required for a specific number of subnets required
 create a decimal subnet mask (from the number of bits required)
 calculation of subnet numbers, number of addresses per subnet, range of numbers per subnet,
network address of subnet, broadcast address for subnet
 calculating subnets based on allocated address range and required number of subnets and/or
required number of hosts per subnet
 practise subnetting exercises in PDF IP addressing book
 create network diagrams where subnetting has been applied exercise (calculate network/cable
address, broadcast address, host range for any subnet),
 sample subnetting test question, in which you refer to this subnets diagram
Topic 3 DHCP

 purpose and role of dhcp protocol

 dhcp terminology, eg scope, exclusions, address pool, lease, reservation
 starting and stopping dhcp service
 configuration files, eg /etc/dhcpd.conf, eg specification of subnet and range of addresses
 dhcp leases file
 dhcp clients, eg dhclient

Topic 4 Routing

 routing terminology and concepts

 direct vs indirect, static vs dynamic,
 distance vector, link state, metrics, convergence, Interior Gateway Protocols, Exterior Gateway
Protocols
 Autonomous Systems, Network Address Translation, Classless Inter-Domain Routing
 routing protocols: RIP, RIP2, OSPF
 enable routing in Linux
 setting default gateway
 setting static routes
 viewing routing tables with route and netstat commands
 routing diagrams, eg involving 3 subnets and 2 routers, and connection to internet
 function of icmp redirects
 routing software, dedicated hardware routers (Cisco etc), broadband routers, layer 3 switches
 subnet vs segment vs vlan

Topic 5 Gateways

 general purpose of NAT and NAT concepts

 relationship of NAT to general routing
 diagram of a NAT configuration, showing ip addresses, external and internal networks
 Linux NAT configuration details
 enabling routing and use of iptables commands
 port forwarding
 typical broadband router configuration and features
 cabling, web-based configuration, virtual server (port forwarding), DHCP setting, DMZ, firewall,
internal (LAN) vs external (WAN) address, wireless setup, wireless security (eg SSID, channel,
authentication type, password), cabling, web-based configuration
 purpose of dynamic dns
Topic 6 DNS

 nature of dns as hierarchical and distributed database

 domain name space levels: root, top, second
 FQDN name rules
 types of DNS servers: Root, Master/Primary, Secondary, Caching
 purpose of forward and reverse lookup zones and zone files
 purpose of resource records (RR’s): A, PTR, SOA, CNAME and MX
 use of short names and DNS Suffixes, Root Hints, Delegation, Dynamic Updates
 hosts file, determining priority of hosts file vs dns on Linux
 text-based configuration on Linux: dns server (bind), forward and reverse zone files,
named.conf, starting and stopping named
 purpose of named.root file
 graphical configuration options, eg gui program and webmin web-based configuration
 querying dns using nslookup, host and dig
 client dns configuration, /etc/resolv.conf, /etc/nsswitch.conf