"form follows function": every feature should have a purpose. "there are no gargoyles or frescos in a well-designed network." :)

"The network is most beautiful when it is invisible to the end user."

keeping real objectives in mind. making sure you know why the network is built. "networks cost money to build" bummer.

WAN and MAN: Wide and Metropolitan. keep existing technology in mind. how much traffic? security requirements.

book focuses on lower stack. OSI stack model:

  7  Application:     User and application data. Examples: the reason for having a network in the first place
  6  Presentation:    Data formatting, encryption, character encoding. Examples: ASCII versus EBCDIC, software encryption of a data stream
  5  Session:         Negotiates and maintains connections. Examples: name and address correlation, software flow control
  4  Transport:       End-to-end packet sequencing and reliability. Examples: UDP, TCP, SPX
  3  Network:         Routing, flow control, translation between different media types. Examples: IP, IPX
  2  Data Link (MAC): Basic framing of packets, error detection, transmission control. Examples: Ethernet packets, including collision mechanisms
  1  Physical:        Electrical and optical media, signaling and properties. Examples: cabling, the electrical or optical pulses sent through the cabling

book focuses on layers 4-1. packet design. specifications are the lines between the layers of the stack, and for packets to pass through they must meet the specifications. layer three is where the internet protocol (IP) comes in. TCP - transmission control protocol. UDP - User Datagram protocol. TCP is considered more reliable. PORT - numbers for applications to pass data through the network. a way to prioritize. layer 6 encrypts! layer 7: "This is where the contents of your email message or database query live." interestingnggg.

VPN - gated community. PPPoE - PPP over Ethernet. protocols as functions and layers as a way to organize functions. bridging = switching. MAC - media access control. bridging is different in that it has to format packets before sending them along, switching just figures out and sends.
layer 3 switch can potentially make LANs faster. networks are built to support applications but last longer than typical applications, so they have to be modular. disregarding security, users should be able to access all of the network.

fault tolerance. network should not break if equipment breaks. duplicating key pieces of equipment. redundancy as splitting up a LAN into VLANs. many different ways to skin a cat. ways to make a network BETTER>

break @ 10:13. back @ 10:16.

MULTIPLE SIMULTANEOUS FAILURES> how much redundancy is needed?? BUT! complexity makes reliability worse. NETWORK NEEDS TO BE INVISIBLEEEE

automated fault recovery - check and see if router is available every couple of minutes. load balancing - two primary / backup systems. "point of failure" failures, failures, failures. MEAN TIME BETWEEN FAILURES (MTBF). summary: the more devices, the more failures.

"aggressively or heat damage to the backplane. Power supplies, however, are much less he power supply is the most likely component failure in any piece of electronic equipment"

there are failure probability formulas. buffer - temporarily stored in memory.

ways to connect devices - bus, ring, star, mesh. uses machines for specific purposes. unicast - broadcast sent to one person. ring configuration provides verification. star - hub and spoke. star is most common config. mesh topology - fully meshed - every item is connected to every other item. mesh networks are not efficient. scalability is a factor when deciding on a ring topology. collision is when two items send packets simultaneously. token ring avoids collision.

spanning tree - a different kind of topology. 5 states: blocking, forwarding, listening, learning, or disabled.

"All neighboring devices must agree on this interval so that they all know when to expect the next hello packet.
If the timers do not agree, it is possible to have an extremely unstable network, as the switch with the smaller timer value thinks that its trunks are continuously failing and recovering."

spanning tree operates with timers; if the timers are not in sync, the network will fail. recovery - use two routers. if one fails then the other takes over (duh!)

VLAN - virtual network designated by switches. VLAN generates spaghetti.

kitty problem @ 9:11. back @ 9:13

switches can "color" packets to show which VLAN they come from. marking territory. collapsed backbone - network made from smaller networks. bottlenecking problems in this scenario.

checking "fastest internet connection" online. answer: 2Gb/s

FMI: "By a trunk I mean any high-speed connection that carries traffic for many end-device segments. In this book, I often use the term trunk to refer specifically to a connection that carries several VLANs." trunks get first priority for redundancy. "bridge on campus, route off campus." router is a device that connects two or more different Layer 3 addressing regions.

FILTERING - for security, policy based routing. low amount of security compared to a firewall. ex: a filter that allows only certain IPX addresses through. monitor CPU usage of filters. port-level security - specific MAC address can access a port. VLAN distribution method. a good rule for trunk aggregation is to assume that 5% of the devices on the network will burst simultaneously. symmetry as a feature of a good network design.

LAN technology factors:
- Cost efficiency
- Installed base - previously installed network.
- Maintainability
- Performance

list of assigned values: http://standards.ieee.org/regauth/ethertype/type-pub.html

collision detection for packets. good paragraph: "There are several interesting features of this PAUSE frame. It is always sent to the multicast address 01-80-C2-00-00-01, and it is the only defined member of a new class of MAC Control packets.
Perhaps future versions of 802.3 will require other types of control messages. In general, the PAUSE looks like a regular 802.3 frame, except that the value in the length/type field is 88-08. The data segment of the frame contains the two-byte Control Opcode type, followed by the value of the pause time variable and sufficient padding of zeros to make the frame reach the required length. Since this is the only defined Control message, it has a Control Opcode of 00-01."

hubs and switches go hand-in-hand. ATM was gonna be the new hot shit but gigabit took over. for crazier data (voice, video) it's better still to use ATM.

listening to itunes shuffleddddd

FYI: "If you want high-speed LAN infrastructure, ATM is probably not the most cost-effective way to get it." NNI - network-network interface, connects switches to each other. VBR, UBR, and ABR..... bitrates i guess. classical IPs are becoming less common? Emulated LANs!

from the book: "If a network designer wants to upgrade a LAN infrastructure that contains FDDI components, she needs to understand how it works." SHE? SHE? jk

access point = could be a wireless hub. wireless can use bluetooth. WEP suckz.

firewall between two switches. a firewall is a security device, defined by the security it gives. book advises against handmade firewalls.

vertical and horizontal cabling. just fell asleep at the computer. it is better to pull horizontal LAN cabling through the floor or walls rather than the ceiling (does that mean horizontal cabling is actually vertical?) drilling holes in cement for cabling is called "coring" and it's expensive. current Gigabit Ethernet specification restricts multimode fiber cable runs to 500 meters (but this book is about 5 years old. is it different now?) cabling methods.

INTERNET PROTOCOL! protocols used for LANs: TCP/IP, IPX, and AppleTalk. IETF - internet engineering task force. banyan vines protocol is officially obsolete. TCP/IP of course is the hot shit.
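The PAUSE frame paragraph quoted above lists every field of the frame, so here it is built byte for byte and parsed back. This is an added example, not code from the book or these notes. The destination address, length/type value and opcode are the ones the quote gives; the source MAC is a constructed, locally administered address, the 46-byte payload padding (60-byte frame before the FCS) is the standard Ethernet minimum, and the pause quantum of 512 bit times is from the 802.3x flow-control spec rather than from the page.

```python
# Added example (not from the book or the notes): build and parse an
# IEEE 802.3x PAUSE frame using the fields the quoted paragraph describes.
import struct

PAUSE_DST = bytes.fromhex("0180C2000001")   # reserved multicast 01-80-C2-00-00-01
MAC_CONTROL_ETHERTYPE = 0x8808             # length/type field value 88-08
PAUSE_OPCODE = 0x0001                      # the only defined MAC Control opcode
MIN_PAYLOAD = 46                           # zero-padded so the frame is 60 bytes (64 with FCS)


def build_pause_frame(src_mac: bytes, pause_time: int) -> bytes:
    """Return a PAUSE frame (without FCS) asking the link peer to stop sending.

    pause_time is a 16-bit count of pause quanta (512 bit times each, per 802.3x);
    0 means "resume immediately".
    """
    if len(src_mac) != 6:
        raise ValueError("src_mac must be 6 bytes")
    if not 0 <= pause_time <= 0xFFFF:
        raise ValueError("pause_time must fit in 16 bits")
    payload = struct.pack("!HH", PAUSE_OPCODE, pause_time)
    payload += b"\x00" * (MIN_PAYLOAD - len(payload))     # padding of zeros
    return PAUSE_DST + src_mac + struct.pack("!H", MAC_CONTROL_ETHERTYPE) + payload


def parse_pause_frame(frame: bytes):
    """Return (src_mac, pause_time) if `frame` is a PAUSE frame, else None.

    On the monitoring side this is the check you want: a steady stream of PAUSE
    frames on a port means the peer is congested (or misbehaving) and is
    throttling the whole link, which is worth alerting on.
    """
    if len(frame) < 18:
        return None
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if dst != PAUSE_DST or ethertype != MAC_CONTROL_ETHERTYPE:
        return None
    opcode, pause_time = struct.unpack("!HH", frame[14:18])
    if opcode != PAUSE_OPCODE:
        return None
    return src, pause_time


if __name__ == "__main__":
    src = bytes.fromhex("02000000AA01")       # constructed, locally administered MAC
    frame = build_pause_frame(src, pause_time=0xFFFF)
    print(len(frame), frame.hex(":"))
    print(parse_pause_frame(frame))
```

Run it and the printed frame starts with `01:80:c2:00:00:01`, carries `88:08` at offset 12 and `00:01` at offset 14, exactly as the quote lays out; everything after the pause time is zeros.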
ip addresses consist of 4 octets (8-bit bytes). netmask - similar notation to IP addresses. "Each 1 bit in the netmask indicates that the corresponding bit in the IP address is part of the network address. Each 0 bit in the netmask similarly identifies a host part of the address."

"Consider the common example where the netmask is 255.255.255.0, and assume that the network address is 10.212.15.0. As a result, the first usable host address in this range is 10.212.15.1 and the last one is 10.212.15.254."

255.255.255.255 can be used for loopbacks (author keeps using SHE for network designer. is he trying to be overly PC?)

subnetting - IPs like 192.168.1.1. some of this info seems obsolete. network size can be expressed in the size of the mask. ARP - address resolution protocol. ICMP packets are PINGS! they also report error conditions: "Another important example is when an IP packet is too large to pass through a particular section of the network. Ordinarily, this is not a problem because the router simply breaks up the packet into fragments and passes it along. However, some applications set a flag in their packets to prevent them from being fragmented. In this case, the router has no choice but to drop the packet."

NAT - network address translation, also called address masquerading. NAT can cause confusion if not implemented properly.

class C subnets from book:

  subnet         binary     comment
  192.168.1.0    000-00000  All zeros in the network portion of the address
  192.168.1.32   001-00000  First nonzero subnet
  192.168.1.64   010-00000
  192.168.1.96   011-00000
  192.168.1.128  100-00000
  192.168.1.160  101-00000
  192.168.1.192  110-00000
  192.168.1.224  111-00000  All ones in the network portion of the address

amazing quote: "This sort of policy had an unfortunate side effect that nearly destroyed the Internet." for unregistered addresses, some are set aside that will never be used, so there are no conflicts.
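The netmask rule and the class C subnet table above are mechanical enough to carry out in code. The following is an added example, not code from the book or these notes: it applies the 1-bit/0-bit rule to the book's 10.212.15.0 / 255.255.255.0 case and regenerates the /27 table, with the last octet shown as subnet bits - host bits like the book does. It goes slightly beyond the page by also handling the /31 and /32 masks (such as the 255.255.255.255 loopback mask mentioned above), which have no first/last usable host in the book's sense. The host address 10.212.15.77 used in the demo is a constructed value.

```python
# Added example (not from the book): the netmask rule from the notes carried
# out bit by bit, plus the class C /27 subnet table rebuilt programmatically.
from ipaddress import IPv4Address, IPv4Network


def to_int(dotted: str) -> int:
    return int(IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(IPv4Address(value))


def network_info(address: str, netmask: str) -> dict:
    """Apply the rule: mask bit 1 = network part, mask bit 0 = host part."""
    addr, mask = to_int(address), to_int(netmask)
    network = addr & mask                 # keep the bits where the mask is 1
    host_bits = mask ^ 0xFFFFFFFF         # the bits where the mask is 0
    broadcast = network | host_bits
    prefix_len = bin(mask).count("1")     # "network size expressed as the size of the mask"
    if prefix_len >= 31:
        # /31 (point-to-point) and /32 (host/loopback mask): no usable-host range
        first_host = last_host = None
        hosts = 0
    else:
        first_host = to_dotted(network + 1)
        last_host = to_dotted(broadcast - 1)
        hosts = host_bits - 1             # all host values minus network and broadcast
    return {
        "network": to_dotted(network),
        "prefix_len": prefix_len,
        "first_host": first_host,
        "last_host": last_host,
        "broadcast": to_dotted(broadcast),
        "hosts": hosts,
    }


def subnet_table(block: str, new_prefix: int):
    """Subnets of a /24 `block` at `new_prefix`, last octet written as
    subnet bits '-' host bits, e.g. ('192.168.1.32', '001-00000')."""
    net = IPv4Network(block)
    if not (net.prefixlen == 24 and 24 < new_prefix <= 32):
        raise ValueError("expects a /24 block split into /25 .. /32")
    split = new_prefix - 24               # subnet bits borrowed from the last octet
    rows = []
    for subnet in net.subnets(new_prefix=new_prefix):
        bits = format(int(subnet.network_address) & 0xFF, "08b")
        rows.append((str(subnet.network_address), bits[:split] + "-" + bits[split:]))
    return rows


if __name__ == "__main__":
    print(network_info("10.212.15.77", "255.255.255.0"))   # 10.212.15.77 is a constructed host
    print(network_info("10.1.1.1", "255.255.255.255"))     # the loopback-style /32 mask
    for subnet, bits in subnet_table("192.168.1.0/24", 27):
        print(f"{subnet:15} {bits}")
```

The first call returns network 10.212.15.0, first host 10.212.15.1 and last host 10.212.15.254, matching the book's example; the loop prints the eight /27 rows from 000-00000 to 111-00000.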
when internal conflicting occurs, use NAT. address masks and classes. "You need extra addresses in each subnet, extra subnets in each area, and extra room for more areas in the network." allowing space for addresses to grow.

every ARP query is a broadcast. "Most end devices use a simple ARP cache system that allows only one MAC address to be mapped to each destination IP address. If one router fails, the second will not be able to take over."

DNS provides mapping between host names and corresponding IP addresses (i.e. web addresses.) in a web address: www.supercentral.org (top level domain is .org, supercentral is the organization's domain name). DHCP is a protocol that makes it possible to automatically configure end devices.

CHAPTER 6 DYNAMIC ROUTINGGGGG

distance vector algorithm. link state algorithm. PATH VECTOR SYSTEM. static routes for networks are not advisable. they are called cumbersome and labor intensive.

IGP or EGP. IGP (internal gateway protocol) handles routing within an autonomous system. EGP (external) updates routes between autonomous systems. autonomous systems are: a less vague term than 'network'. another more specific word for network.

RIP (routing information protocol): metric is defined as a number of 'hops'. routing table to determine fastest paths. packets have a time to live variable that is an unsigned char (255). it counts down every hop and if it reaches the bottom it dies. this is done to avoid infinite loops. (idea - immortality is shunned in the packet world.)

SPLIT HORIZON - routers refrain from passing info back to the router that originally sent it. Split Horizon with Poisoned Reverse. Split Horizon means that the router doesn't advertise itself as a route to any device that it considers closer to the destination.

ONLY OPEN SHORTEST PATH. The process by which all routers in an area learn the Link State database from one another is called flooding.

pause @ 9:01 to pay electricity. back @ 9:07

on page 171 book brings up 56kbps lines, effectively dating itself.
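The time-to-live note above is the kind of thing that is clearer when you watch it happen. This is an added example, not code from the book or these notes: a toy hop-by-hop forwarder over constructed next-hop tables. Router names A, B, C and destination H are made up. With a consistent set of tables the packet is delivered; with a loop (A sends to B, B to C, C back to A) the packet is forwarded until the 8-bit TTL hits zero and is then discarded, which bounds the damage a routing loop can do to at most 255 forwardings per packet. The "ICMP Time Exceeded" remark in the code is the standard router behaviour at that point, not something the page states.

```python
# Added example (not from the book): a toy forwarding simulation showing why the
# 8-bit TTL bounds the life of a packet caught in a routing loop.
MAX_TTL = 255   # an unsigned char, as the notes say


def forward(dst: str, first_hop: str, tables: dict, ttl: int = MAX_TTL):
    """Forward one packet hop by hop.

    `tables` maps router name -> {destination: next_hop}. A next hop equal to
    the destination means the router delivers the packet on its own LAN.
    Each router decrements TTL; if it reaches 0 the packet is discarded (and a
    real router would send ICMP Time Exceeded back to the source).
    Returns (outcome, hops_taken, path_of_routers).
    """
    router, hops, path = first_hop, 0, [first_hop]
    while True:
        next_hop = tables.get(router, {}).get(dst)
        if next_hop is None:
            return "no_route", hops, path
        ttl -= 1
        hops += 1
        if ttl == 0:
            return "ttl_expired", hops, path
        if next_hop == dst:
            return "delivered", hops, path
        router = next_hop
        path.append(router)


def loop_routers(path):
    """Routers visited more than once - the signature of a forwarding loop."""
    seen, repeated = set(), set()
    for r in path:
        if r in seen:
            repeated.add(r)
        seen.add(r)
    return sorted(repeated)


if __name__ == "__main__":
    # constructed tables for destination H: a sane set and a looping set
    sane = {"A": {"H": "B"}, "B": {"H": "H"}}
    loop = {"A": {"H": "B"}, "B": {"H": "C"}, "C": {"H": "A"}}
    print(forward("H", "A", sane)[:2])          # ('delivered', 2)
    outcome, hops, path = forward("H", "A", loop)
    print(outcome, hops, loop_routers(path))    # ttl_expired 255 ['A', 'B', 'C']
```

Without the TTL the second packet would circulate forever; with it, every looped packet costs at most 255 router forwardings before it dies, which is why the notes call the TTL a guard against infinite loops rather than a fix for the broken routing itself.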
BGP most popular EGP. i'm feeling like the book is not meant to be read in order. internationally the Internet is best viewed as a completely arbitrary collection of interconnected networks. 3rd time!::: "However, as mentioned earlier in this book, fully meshed networks do not scale very well." THIS IS NOT A LINEAR FICTION

IPXXXXXX, JKJK IPX. "Internetwork Packet Exchange (IPX) is a Layer 3 protocol that forms the basis for Novell's network operating system (NOS) called NetWare"

awkwarrddd: "Unfortunately, some of the terminology adopted by Novell is different from that used in IP networks. For example, Novell calls every device that provides IPX services a router. This term can cause some confusion. Thus, in this book, I continue with the already adopted language."

pause to find printable eyechart @ 9:22. back @ 9:27

IPX addresses are called network numbers. UGHHHH specific routing for IPX. EIGRP can support IPX and also AppleTalk! IPX addresses are hexadecimal. IP and IPX addresses contain the same number of bytes, and they both summarize from the left. Thus, you can do a decimal-to-hexadecimal conversion of the IP address to get the IPX network number. ipx does not have ping.

more efficiency. 4 parameters of efficiency as defined by author: latency, jitter, throughput, and dropped packets. keeping hop counts low (duh).

This queuing delay means that every additional hop increases the net latency of the path. Latency is something that should be kept as low as possible in any network. Because this extra latency is random, the more hops that exist, the more variation there is in the latency. This variation in latency is called jitter. Jitter is not a problem for bulk data transfers. But in any real-time applications such as audio or video, it is disastrous. These applications require that the time to deliver a packet from one point to another be as predictable as possible, or the resulting application will suffer from noticeable gaps.
These gaps will appear as audible pops or skips and frozen or jumping video images. The most noticeable jitter issues happen when the latency of one packet is significantly different from the latency of the next packet following it in the same data stream. This is what causes skips, pops, and frozen frames in audio and video applications. So jitter is defined as the difference in latency between any two successive packets, as opposed to a general difference or standard deviation from the mean latency.

(idea - create jitter for video) network games should happen at the edges.

pause for svg code. back @ 9:58

packet queueing and buffering. drop precedence. packet design from 1981! traffic types: primarily TCP, UDP, and ICMP. smaller packet sizes have lower latency. RSVP(!) reserves resources for network. QoS - quality of service.

good networks make lazy network managers. DOCUMENTING PATCH PANEL CHANGES (booorinnngg). emphasis on effective labeling and record keeping. better to have a list of problems than a graphical map. ping is a good way to monitor. SNMP - simple network management protocol. Dynamic Host Configuration Protocol (DHCP) is a system that allows end devices to learn network information automatically. (WORD?)

now listening to the jam

moorree filteringgg. firewalls are a form of filtering. MOOREEE REDUNDANCY HAHHAHAA. important to have human protocols when dealing with equipment. have to document changes all the same way.

password recovery: "Password recovery means that an intruder can take advantage of a power failure to take control of a network device. From there, it might be possible to gain control of other network devices, perhaps even the Core of the network. Gaining control of these devices is a lot of work, requiring a skilled attacker, but it is possible. For this reason, some network-equipment vendors (particularly Cisco) actually include two serial ports, one called Console and the other Auxiliary.
The Console port, but not the Auxiliary port, can be used for password recovery. In this case, it is safest to connect any out-of-band management equipment to the Auxiliary port."

MULTICASTING. multicast routing is more difficult.

IPv6 - a response to lack of IP addresses. "I may be accused of being a Luddite, but I never like to be the first kid on my block with the latest technology." IPv6 address: 1A30:5BFE:0000:48C9:8A10:03BF:7801:0A3F. QoS in IPv6 is similar to that of IPv4. IPv6 vs. IPv4: basically the same, just addressed differently.

"See, for example, the April Fool's joke RFC 3093, which describes a way to make a tunnel through HTTP. Since most firewalls readily pass all HTTP packets, it is possible to hide an interactive session inside of an HTTP session. To the firewall, though, it just looks like legitimate web traffic."
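Back to the jitter passage in the efficiency chapter notes: the book insists jitter is the latency difference between successive packets, not the standard deviation of latency, and also claims that more hops means more variation. Both points are easy to check numerically. The following is an added example, not code from the book or these notes. The two latency series (a slowly drifting stream and an alternating one) are constructed values in milliseconds, and the multi-hop model (a fixed delay plus a uniform random queuing delay per hop, seeded so the run is repeatable) is a toy assumption, not the book's model.

```python
# Added example (not from the book): the two jitter measures the notes contrast,
# plus a toy multi-hop model showing why latency variation grows with hop count.
import random
import statistics


def successive_jitter(latencies):
    """Jitter as the book defines it: |latency(i+1) - latency(i)| for each pair."""
    return [abs(b - a) for a, b in zip(latencies, latencies[1:])]


def jitter_summary(latencies):
    """Per-pair jitter next to the standard-deviation measure the book rejects."""
    pairwise = successive_jitter(latencies)
    return {
        "max_successive_jitter": max(pairwise),
        "mean_successive_jitter": statistics.fmean(pairwise),
        "stdev_latency": statistics.pstdev(latencies),
    }


def simulate_path_latencies(hops, packets, fixed_per_hop=1.0, max_queue=1.0, seed=1):
    """Constructed model: each hop adds a fixed delay plus a uniform random
    queuing delay in [0, max_queue]. Returns one end-to-end latency per packet."""
    rng = random.Random(seed)
    return [
        sum(fixed_per_hop + rng.uniform(0, max_queue) for _ in range(hops))
        for _ in range(packets)
    ]


def hop_count_effect(hop_counts, packets=2000, seed=1):
    """Latency spread (population stdev) for each hop count in `hop_counts`."""
    return {h: statistics.pstdev(simulate_path_latencies(h, packets, seed=seed))
            for h in hop_counts}


if __name__ == "__main__":
    # constructed latencies in ms: one stream drifts slowly, the other alternates
    drifting = [20, 21, 22, 23, 24, 25, 26, 27]
    alternating = [20, 27, 20, 27, 20, 27, 20, 27]
    print("drifting:   ", jitter_summary(drifting))
    print("alternating:", jitter_summary(alternating))
    for hops, spread in hop_count_effect((1, 5, 10)).items():
        print(f"{hops:2d} hops -> latency stdev {spread:.3f}")
```

The two constructed streams have similar standard deviations (about 2.3 ms versus 3.5 ms), yet the alternating stream's successive jitter is 7 ms on every packet while the drifting stream's is 1 ms; that is the gap between the two measures the book is pointing at, and it is the alternating stream that would pop and skip. The hop-count run shows the spread climbing with each added hop, as the queuing-delay paragraph predicts.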