Networking Notes for Interview.doc

July 29, 2017 | Author: Prashanth Kumar | Category: Network Topology, Computer Network, Wireless Lan, Active Directory, Osi Model


NETWORK ESSENTIALS
Network: the physical connection of 2 or more computers connected together is called a network.
Networking: sharing the resources within a N/W.
Shared resources: hardware & software.
Requires: media.
Media: a communication path through which the signal passes.
Internet: a connection of a number of networks.

NETWORK SIZES
LAN: connection of 2 or more computers within a single location.
CAN: connecting N/Ws within a single campus.
MAN: a large computer network that usually spans a city or a large campus.
WAN: a computer network that covers a broad area (i.e., any network whose communication links cross metropolitan, regional, or national boundaries).

Server: always gives the resources.
Peer: acts as both client and server.
Client: always requests the resources.
There are 2 models: 1) Work group or peer-to-peer model 2) Server based model (client/server model or domain model)
Operating systems: 1) Client operating system 2) N/W operating system
Client operating systems such as: 1) Windows 98 2) NT Workstation 3) 2000 Professional

N/W operating systems such as: 1) Server 2000 2) NT Server 3) Linux, NetWare & Windows 2003

Work group or peer-to-peer model
Disadvantages: No centralized device. No centralized database.
Advantages: Sharing the information. Reduces the cost. It is independent.
Server based model (client/server model or domain model)
Disadvantages: It depends on the server. Cost is expensive. Only local users can log in. If the server fails the whole N/W fails.
Advantages: Data centralization. Security. Effective permissions. Single platform to manage the whole network. Users can log in to any computer and access their resources at any time, and much more.

Basic components of a N/W: Media, NIC, Protocols.
N/W card: also called a LAN card or transceiver.
Multi-homed PC: a PC which has more than one network card.
PXE: Pre-execution Environment; it is an integrated IC. Using PXE we can make a client connect to the server.
Different types of N/W card: 1) ARCNET 2) TOKEN RING 3) ETHERNET
TOPOLOGY: the way in which the computers are connected is known as topology. There are 2 types of topology: 1) Physical topology: the physical structure of a N/W. 2) Logical topology: it defines the data flow within a N/W.
ETHERNET: the Ethernet card has a physical address or MAC address.

Each card has its own unique number.
MAC: Media Access Control. It is the identity on the N/W. It is a 12-digit hexadecimal number, i.e. a 48-bit address, given only to a N/W card. The address is assigned by the IEEE.
Commands for the MAC address: 1) ipconfig /all 2) winipcfg /all for the Windows 98 and 95 versions.
Crimping: the process of connecting an RJ-45 connector to a UTP cable is known as crimping.

TOPOLOGY
There are 5 types of topology: 1) Bus topology or linear 2) Star 3) Ring 4) Hybrid 5) Mesh

BUS TOPOLOGY or Linear Topology
A bus network topology is a network architecture in which a set of clients are connected via a shared communication line, called a bus.
Requires: H/W and S/W, Media, BNC connector, T-connector, Terminator.
It uses 10Base2 thin coaxial cable (RG-58, radio gauge).
Maximum 30 nodes can connect.
In BUS topology termination is a must: the 1st system & the last system must always be terminated in order to avoid ringing.
Ringing: the bounce-back of the signal is known as ringing.
In bus topology the data flows bidirectionally.

Fig1: Physical Topology: Bus /Logical

Advantages
1) Easy to implement and extend.
2) Easy to install.
3) Well-suited for temporary or small networks not requiring high speeds (quick setup).
4) Cheaper than other topologies.
5) Cost effective; only a single cable is used.
6) Easy identification of cable faults.
7) Reduced weight due to fewer wires.
Disadvantages
1) Limited cable length and number of stations.
2) If there is a problem with the cable, the entire network breaks down.
3) Maintenance costs may be higher in the long run.
4) Performance degrades as additional computers are added or on heavy traffic (shared bandwidth).
5) Proper termination is required (loop must be in a closed path).
6) Significant capacitive load (each bus transaction must be able to stretch to the most distant link).
7) It works best with a limited number of nodes.
8) Slower data transfer rate than other topologies.
9) Only one packet can remain on the bus during one clock pulse.
10) Difficult to troubleshoot.

Star topology
Star networks are one of the most common computer network topologies. In its simplest form, a star network consists of one central switch, hub or computer. Physical is always star, logical is always bus. Fig2 shows what it looks like:

Fig2: Star Topology 

Requires: a centralized device (HUB, SWITCH), UTP cable. No need for termination.
Disadvantages: The cable required becomes more. Cost will be higher. If the centralized device fails, the whole N/W fails.
Advantages: Status LEDs. Troubleshooting is easy. If one PC fails the rest of the PCs still participate. We can extend the N/W.

RING TOPOLOGY
A ring network is a network topology in which each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node - a ring. Data travels from node to node, with each node along the way handling every packet.
Requires: Token Ring, Ethernet. 1) CDDI: Copper Distributed Data Interface 2) FDDI: Fiber Distributed Data Interface 3) IBM Token Ring
Cables: UTP cable & fiber optic cable.

Fig3: Ring topology
Advantages
1) Very orderly network where every device has access to the token and the opportunity to transmit.
2) Performs better than a star topology under heavy network load.
3) Can create a much larger network using Token Ring.
4) Does not require a network server to manage the connectivity between the computers.
Disadvantages
1) One malfunctioning workstation or bad port in the MAU can create problems for the entire network.
2) Moves, adds and changes of devices can affect the network.
3) Network adapter cards and MAUs are much more expensive than Ethernet cards and hubs.
4) Much slower than an Ethernet network under normal load.

MESH TOPOLOGY
The value of fully meshed networks is proportional to the exponent of the number of subscribers, assuming that communicating groups of any two endpoints, up to and including all the endpoints. The physical fully connected mesh topology is generally too costly and complex for practical networks, although the topology is used when there are only a small number of nodes to be interconnected.
All the PCs are connected together. It supports fault tolerance. Requires: UTP cable.

Fig4: Mesh Topology

HYBRID TOPOLOGY
Hybrid networks use a combination of any two or more topologies in such a way that the resulting network does not exhibit one of the standard topologies (e.g., bus, star, ring, etc.). For example, a tree network connected to a tree network is still a tree network, but two star networks connected together exhibit a hybrid network topology. A hybrid topology is always produced when two different basic network topologies are connected. Two common examples of hybrid networks are the star-ring network and the star-bus network.

A star-ring network consists of two or more star topologies connected using a multistation access unit (MAU) as a centralized hub. A star-bus network consists of two or more star topologies connected using a bus trunk (the bus trunk serves as the network's backbone).

Fig5: Hybrid Topology
Advantage: dissimilar topologies can be connected.

To build a N/W
Combi card: a N/W card which has more than 1 type of connector is called a combi card.
Requires: Nodes, Media, NIC, Drivers.
Drivers: software which makes the H/W function properly.
Plug-N-Play: a feature in which the system automatically detects the hardware & tries to load the resources. In order to support P-N-P: 1) The OS must support it 2) The BIOS must be P-N-P compatible 3) The hardware & drivers must be P-N-P compatible (Plug & Play).
Protocol: a set of rules which governs how the systems communicate on the N/W, or a common language used by the systems for communicating with each other. A protocol is software.
Protocol stack: a collection of protocols required in order to perform a task.
TCP/IP: Transmission Control Protocol / Internet Protocol. It is a routable protocol.
IPX/SPX: Internetwork Packet Exchange / Sequenced Packet Exchange. It is a routable protocol.
NetBIOS: Network Basic Input Output System. It is a non-routable protocol.
Adapter: a card connected to one of the slots.
Ping: Packet Internet Groper.

OSI MODEL
OSI: Open Systems Interconnection. The OSI model is known as the reference model; how the data flows through the media is described by the OSI model. It was designed in 1977 by the organization ISO.
ISO: International Organization for Standardization.
The reference model has 7 layers & each layer performs its own task. The overall task is divided into subtasks, and each subtask is handled by one layer.

The OSI Model has 7 layers:

Layer   Name                 Data unit            Position
7       Application Layer    Messages             Top-most layers (7, 6 & 5 are also known as MESSAGES)
6       Presentation Layer   Messages
5       Session Layer        Messages
4       Transport Layer      Segments             Middle layer (4th layer is also known as SEGMENTS)
3       Network Layer        Packets              Middle layer (3rd layer is also known as PACKETS)
2       Data-Link Layer      Frames               Lower-most layers (2nd layer is also known as FRAMES)
1       Physical Layer       Bits                 Lower-most layer (1st layer is also known as BITS)








Mnemonic, from the bottom layer up:
P  Please    (Physical)
D  Do        (Data link)
N  Not       (Network)
T  Throw     (Transport)
S  Sausage   (Session)
P  Pizza     (Presentation)
A  Away      (Application)

Application Layer: the layer at which the users interact with the network. Protocols (port numbers) used by the application layer: FTP = 21 & 20, TFTP = 69, HTTP = 80, SNMP = , NMTP =

Presentation Layer: it takes care of presenting the data to the user or application layer. The presentation layer helps in compression, encryption and code formatting. Formats used by the presentation layer: BMP, AVI, WAV, MPEG, DOC & text modes: ASCII, EBCDIC, and JPEG.

Session Layer: helps establish a session, like user logon, exchanging dialogues, alerting, and authentication. It helps in building a session & tearing down a session. Before sending the data the session must be established. It helps in handling multiple sessions (at a time a single PC sends many files, web pages, printer output). Before sending the data it 1st contacts the transport layer. Protocols: NFS: Network File System. RPC: Remote Procedure Call. SQL: Structured Query Language.

Transport Layer: helps in flow control & error control & segmenting, multiplexing, reliable & unreliable services, converting data into segments, the 3-way handshake, and connection management.
Segment: a part of a message.
Segmenting: the process of dividing a large message into small blocks of data is known as segmenting.
Flow control: maintains the flow of data transfer between PC and PC. Example: 2 systems have 100 Mbps & 2 systems have 10 Mbps {the 100 Mbps side is adjusted to 10 Mbps}.
Sequential numbering: helps in rearranging the data at the destination. Disadvantage: there is no sequential number. Advantage: speed will increase.
Connection management: it is for connection-oriented service, i.e. TCP. Before sending any data the 3-way handshake must be established.

Example: 3-Way Handshake

   Comp 1 (C1)                              Comp 2
      |-------------- SYN ----------------->|
      |<----------- SYN/ACK ----------------|
      |-------------- ACK ----------------->|

FLOW OF SEGMENTS (OR) CONTROL
Connection Management: 1) Connection establishment 2) Data flow 3) Connection termination
Flow Control: how the segments will flow.
Example:
   Sender ------ 10 segments ------> Receiver (can hold 8 segments)
   Result: flooding / overflowing the data.
Flow control uses 2 methods to avoid the overflow of data: 1) Windowing: it avoids the overflow of data. 2) Ready or Not Ready

1) Ready or Not Ready
Example:
   Sender ------ segments 1-50 ------> Receiver (holds 10 segments)
   Receiver answers: Not Ready ... Ready
   Here there is no proper negotiation between the devices.
2) Windowing
   Sender (segments 1-50) <--- negotiate window size ---> Receiver (segments 1-50)
Negotiation: source and destination talk to each other and fix the window size. It becomes slower, but the destination does not overflow.
Error control
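The handshake and flow-control behaviour sketched above, as an added simulation (example code written for these notes, not from the original): two constructed hosts go through SYN, SYN/ACK and ACK, then 10 segments are sent at a receiver that holds 8 with and without a negotiated window, and out-of-order segments are reassembled by sequence number. Host names, buffer sizes and segment counts are made up.

```python
from dataclasses import dataclass


@dataclass
class Host:
    """A constructed endpoint; its receive buffer is measured in segments."""
    name: str
    buffer_size: int
    state: str = "CLOSED"


def three_way_handshake(client: Host, server: Host) -> list:
    """Connection establishment. Returns the control segments in order and
    leaves both hosts in the ESTABLISHED state."""
    exchange = []
    server.state = "LISTEN"
    client.state = "SYN_SENT"
    exchange.append((client.name, server.name, "SYN"))
    server.state = "SYN_RECEIVED"
    exchange.append((server.name, client.name, "SYN/ACK"))
    client.state = "ESTABLISHED"
    exchange.append((client.name, server.name, "ACK"))
    server.state = "ESTABLISHED"
    return exchange


def send_ready_not_ready(segments: int, receiver: Host) -> dict:
    """'Ready / Not Ready': nothing is negotiated up front. The sender pushes
    everything at once, so whatever exceeds the receiver's buffer overflows
    and is lost; the receiver only reports Not Ready afterwards."""
    delivered = min(segments, receiver.buffer_size)
    return {"sent": segments, "delivered": delivered,
            "overflowed": segments - delivered}


def send_windowed(segments: int, receiver: Host) -> dict:
    """Windowing: source and destination first agree a window no larger than
    the receiver's buffer; the sender sends one window, waits for the
    acknowledgement, then sends the next. Slower, but nothing overflows."""
    window = min(receiver.buffer_size, segments)   # negotiated window size
    delivered = round_trips = 0
    while delivered < segments:
        burst = min(window, segments - delivered)  # never exceed the window
        delivered += burst                         # receiver ACKs the burst
        round_trips += 1
    return {"sent": segments, "delivered": delivered, "overflowed": 0,
            "window": window, "round_trips": round_trips}


def reassemble(received: list) -> str:
    """Sequential numbering: (seq, data) segments may arrive out of order;
    the destination sorts them by sequence number before handing up data."""
    return "".join(data for _, data in sorted(received))


if __name__ == "__main__":
    c1, c2 = Host("Comp 1", 10), Host("Comp 2", 8)
    for src, dst, flag in three_way_handshake(c1, c2):
        print(f"{src} -> {dst}: {flag}")
    print(send_ready_not_ready(10, c2))              # 2 segments overflow
    print(send_windowed(50, Host("Receiver", 10)))   # 5 windows of 10, no loss
    print(reassemble([(3, "c"), (1, "a"), (2, "b")]))
```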

CONNECTION ORIENTED vs CONNECTION LESS

                    CONNECTION ORIENTED                    CONNECTION LESS
Protocol            TCP (Transmission Control Protocol)    UDP (User Datagram Protocol)
Speed               Slow                                   Fast
Reliability         Reliable                               Non-reliable
Acknowledgement     Works with acknowledgement             Does not work with acknowledgement
3-way handshake     Uses the 3-way handshake               Does not use the 3-way handshake
Example             FTP                                    DNS

Reliable: data losses are avoided; there is no data loss. Error control is done at the Transport layer.
Multiplexing

Network Layer: helps in routing (routers, brouters, layer-3 switches) & converts segments into packets. Packets are also known as datagrams. A packet consists of the source and destination IP addresses. Error checking is done at the N/W layer. The N/W layer is logical & most of the important tasks are done at the N/W & Transport layers. The function of the N/W layer is routing [route discovery or route selection].
Routing: the process of transferring packets from one network to another network is known as routing; the device used for routing is the router. Each router maintains a table known as the routing table. Switches always check the MAC address.
Router: used to connect 2 different networks. The router acts as a gateway between the N/Ws.
Device addressing: Logical: IP address. Physical: MAC address.
Hop count: one pass through a N/W or router is known as a hop.
Routing table: routers maintain a table known as the routing table, which helps the packets reach their destination.

Data-Link Layer: helps in MAC addressing & error checking. A frame consists of a Header, Data and a Trailer (CRC). Header: consists of the source and destination MAC addresses. Data: the actual data to send to the destination. CRC: carries the error check. Error checking is used to know whether the data was altered; the check value is generated by the source end and verified at the destination end.

Example: how frames work
1) After sending a frame it waits for some time.
2) If it receives a (-ve) acknowledgement it retransmits once again.
3) If it receives a (+ve) acknowledgement it transmits the next frame.
4) If no acknowledgement (+ve or -ve) arrives, it waits for some time & transmits the same frame once again.

Parity checking: is also used for error checking. 1) Even parity 2) Odd parity
MAC address is also known as the Hardware (or) Physical address. It is a 12-digit hexadecimal number. Ex: 0A-12-09-BC-08-F3
IEEE divides the 12 hex digits into 2 parts:
  1st 6 digits: given by the IEEE
  2nd 6 digits: given by the other company (the vendor)
OUI: Organizationally Unique Identifier. The 1st 6 digits have to stay the same and the other 6 digits the vendor can change.
The data link layer has 2 sub layers: 1) Logical Link Control (LLC) 2) MAC
Binding: the process of linking the protocol to a NIC is known as binding, or the process of interfacing the LAN drivers with protocols is known as BINDING.
Data link devices: Bridge & Layer-2 switch.
Protocols: 1) 802.3 2) 802.2 3) SAP/SNAD 4) FRAME RELAY 5) HDLC 6) PPP 7) SDLA
LAN protocols: 802.3, 802.2, SAP/SNAD, Frame Relay
WAN protocols: HDLC, PPP, SDLA
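The data-link ideas above (header with source/destination MAC, data, CRC trailer; +ve/-ve acknowledgement and timeout; parity; the OUI/vendor split of a MAC address), as an added worked example written for these notes, not code from the original. The source MAC 02-00-00-00-00-01, the payload and the scripted "channel" are constructed for the demonstration; CRC-32 from zlib stands in for the frame CRC.

```python
import zlib
from typing import Callable, Optional


def mac_to_bytes(mac: str) -> bytes:
    """'0A-12-09-BC-08-F3' -> 6 raw bytes ('-' or ':' separators accepted)."""
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))


def split_oui(mac: str) -> dict:
    """The 12 hex digits in two halves: the 1st 6 (OUI) are assigned by the
    IEEE, the 2nd 6 are chosen by the vendor. Two bits of the first byte
    carry meaning: bit 0 = group/multicast, bit 1 = locally administered."""
    raw = mac_to_bytes(mac)
    return {"oui": raw[:3].hex().upper(),
            "vendor_part": raw[3:].hex().upper(),
            "multicast": bool(raw[0] & 0x01),
            "locally_administered": bool(raw[0] & 0x02)}


def parity_bit(data: bytes, even: bool = True) -> int:
    """Parity check bit: makes the total number of 1 bits even (or odd)."""
    ones = sum(bin(b).count("1") for b in data)
    return ones % 2 if even else (ones % 2) ^ 1


def build_frame(dst: str, src: str, data: bytes) -> bytes:
    """Header (destination MAC, source MAC) + data + trailer (CRC-32);
    the source computes the CRC over header and data."""
    body = mac_to_bytes(dst) + mac_to_bytes(src) + data
    return body + zlib.crc32(body).to_bytes(4, "big")


def check_frame(frame: bytes) -> Optional[bytes]:
    """Destination recomputes the CRC over header + data. Returns the data
    if it matches the trailer, None if the frame was altered in transit."""
    body, trailer = frame[:-4], int.from_bytes(frame[-4:], "big")
    return body[12:] if zlib.crc32(body) == trailer else None


def stop_and_wait(frames: list, channel: Callable[[bytes], Optional[str]],
                  max_tries: int = 5) -> dict:
    """Sender behaviour from the notes: send a frame and wait. A +ve ACK
    moves on to the next frame; a -ve ACK ('NAK') or no answer at all
    (None, i.e. timeout) resends the same frame, up to max_tries attempts."""
    transmissions = 0
    for frame in frames:
        for _attempt in range(max_tries):
            transmissions += 1
            if channel(frame) == "ACK":
                break
        else:
            raise RuntimeError("frame never acknowledged")
    return {"frames": len(frames), "transmissions": transmissions}


def scripted_channel(outcomes: list) -> Callable[[bytes], Optional[str]]:
    """Constructed channel for the demo: replies with the scripted outcomes
    ('ACK', 'NAK' or None) in order, then acknowledges everything."""
    def channel(frame: bytes) -> Optional[str]:
        return outcomes.pop(0) if outcomes else "ACK"
    return channel


if __name__ == "__main__":
    print(split_oui("0A-12-09-BC-08-F3"))
    frame = build_frame("0A-12-09-BC-08-F3", "02-00-00-00-00-01", b"hello")
    print(check_frame(frame))                   # b'hello'
    damaged = bytearray(frame)
    damaged[13] ^= 0xFF                         # alter one data byte
    print(check_frame(bytes(damaged)))          # None: CRC mismatch
    print(stop_and_wait([frame] * 3, scripted_channel(["NAK", None, "ACK"])))
```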

DHCP: Dynamic Host Configuration Protocol
A Windows 2000, 2003 or 2008 server with DHCP installed is called a DHCP server. The range of IP addresses is created depending on the number of clients. The range of IP addresses must use the same class & the same N/W ID as the Windows 2000/2003/2008 server, & it is a one-time configuration. If the server fails, IP address assignment fails. DHCP port numbers = 67 & 68.
Release the existing IP address: IPCONFIG /RELEASE
Renew the existing IP address: IPCONFIG /RENEW
Automatic Private IP Addressing (APIPA): whenever the client requests & there is no response from the DHCP server, the client automatically generates a class B IP address of its own.
To configure DHCP:
1) Install DHCP on the machine running the server OS.
2) Configure the server: (a) Give the scope of IP addresses [starting & ending range] (b) Specify the lease period. Note: DHCP assigns IP addresses to clients on a lease basis.
3) At the client end: select the Local Area Connection & enable "Obtain an IP address automatically".
DHCP service: Start > Settings > Control Panel > Add/Remove Windows Components > Networking Services > DHCP

Configuring a DHCP Scope
Log on as administrator. The DHCP server provides:
1) Default gateway address
2) Domain Name Service server addresses
3) WINS server addresses
4) NetBIOS name resolution type
TITLE: DHCP Options Supported by Clients

From the Network Administration group, start DHCP Manager. The DHCP Manager window appears.
1) Under DHCP Servers, select *Local Machine*. Local Machine indicates that you are configuring the local DHCP server, and not a remote DHCP server.
2) From the Scope menu, choose Create. The Create Scope dialog box appears.
3) Complete the scope configuration. The DHCP server cannot be a DHCP client. It must have a static IP address, subnet mask, and default gateway address. You also have the option of assigning an exclusion range or specific excluded addresses as well as lease duration and a name.
4) Choose OK when done.
5) Choose Yes to activate the scope. The DHCP Manager window appears with the new scope added. Notice the yellow light bulb next to the IP address. This indicates an active scope.
6) Close the DHCP Manager.

TCP/IP Model
TCP/IP layer        Also known as (OSI layers)
Application         Application, Presentation, Session
Transport           Transport
Internet            Network
Network             Data link, Physical

802 Projects
IEEE: designed in Feb 1980 as standards for LAN & WAN; it has 12 standards.
1) 802.1 LAN/MAN Management
2) 802.2 LLC sub layer
3) 802.3 CSMA/CD [Ethernet]
4) 802.4 Token Passing
5) 802.5 IBM Token Ring
6) 802.6 DQDB [Distributed Queue Dual Bus]
7) 802.7 Broadband N/W
8) 802.8 Fibre optic
9) 802.9 ISDN
10) 802.10 LAN/WAN security
11) 802.11 Wireless communication
12) 802.12 Demand priority or 100VG-AnyLAN

Media access
1) Contention method: a) CSMA/CA, used in AppleTalk networks b) CSMA/CD, used in Ethernet networks
2) Token passing: a) Token Ring & FDDI networks
3) Demand priority
CSMA/CA: Carrier Sense Multiple Access / Collision Avoidance.
CSMA/CD: Carrier Sense Multiple Access / Collision Detection.

Contention Method
In the contention method, whenever a node wants to send data it 1st senses the carrier; whenever the carrier is found free it transmits the data. When 2 systems sense the media at the same time & find it free, both transmit and a collision occurs in the network. Before sending the data, C1 -> C4 senses the carrier (the media) to check whether the carrier is free.

CSMA/CD
A hub is always logically bus & physically star. A switch is always physically star & logically ring. In Ethernet the data always flows bidirectionally. Ex: 2 PCs, C1 -> C4 & C2 -> C1, are transferring data at the same time.
Disadvantage: a collision occurs when 2 PCs transmit data at the same time. In this method all the systems contend to transmit the data. Whenever the number of nodes increases, collisions occur and performance decreases. The Ethernet network was designed in Hawaii.

CSMA/CA
A node wishing to transmit data has to first listen to the channel for a predetermined amount of time to determine whether or not another node is transmitting on the channel within the wireless range. If the channel is sensed "idle", then the node is permitted to begin the transmission process. If the channel is sensed as "busy", the node defers its transmission for a random period of time. Once the transmission process begins, it is still possible for the actual transmission of application data not to occur. In this method it does not send the data 1st; 1st it sends a signal.

TOKEN PASSING
In telecommunication, token passing is a channel access method where a signal called a token is passed between nodes, and it authorizes the node holding it to communicate. The most well-known examples are Token Ring and ARCNET. In token passing each system gets an opportunity to transmit the data: a token is generated, and the system which holds the token can transmit. In the token passing method collisions are avoided because the data always flows in one direction & a larger number of systems can transmit the data. The ring was designed by IBM (International Business Machines).

DEMAND PRIORITY PROTOCOL
Requires demand priority switches. Demand priority is the media access control protocol defined in the IEEE 802.12 draft standard. It is called 100VG-AnyLAN by HP. Various techniques are used to ensure fairness of access for all nodes and to guarantee access time for individual nodes. Round robin selection procedures are used to give each node an equal opportunity to transmit data.
Two priority levels are provided so that time-critical traffic such as interactive video, audio and multimedia can be given priority service with guaranteed low delay. A bandwidth allocator can be introduced to control the amount of bandwidth each application can use. These techniques make demand priority able to accommodate multimedia applications with guaranteed performance levels, while allowing normal traffic to use the remaining bandwidth in a fair manner.

NETWORKING DEVICES: 1) Hub 2) Switch 3) Router

HUB
A hub is a device also known as a concentrator. There are 3 types of hub: 1) Passive hub 2) Active hub 3) Intelligent hub
Active Hub
1) External power supply
2) Status LEDs
3) The signal becomes strong
4) Amplification
5) No MAC address
6) The administrator checks the status of the LEDs
Passive Hub
1) The signals become weaker.
2) No amplification; it just acts like a connector which helps the systems communicate.
3) No status LEDs
Intelligent Hub
1) It checks the status of the frame
2) The time requirement is more
3) Status LEDs
4) Amplification
5) It has its own power supply

SWITCH
There are 3 types of switch: 1) Store & forward 2) Cut through 3) Fragment free
Store & forward
1) Before sending the data it checks the source and destination MAC addresses
2) It is slow
3) It is reliable & it checks the CRC [Cyclic Redundancy Check]
Cut through
1) It does not check the CRC
2) It checks the destination & amplifies
3) It is faster
4) It does not check for errors
5) Non-reliable
Fragment free
1) It checks the 1st 64 bytes of data
2) There are 128 bytes
3) If there is any error in the 64 bytes it does not send the data to the destination
4) Once the switch is powered off the MAC table is erased (it is temporary memory) & the MAC table takes some time to refresh
5) Reliable

IP ADDRESSING
It is a logical or layer-3 address. It is a 32-bit address (IP version 4). Each block is known as a field or octet. Each field is 8 bits:

   [ 8 bits ] . [ 8 bits ] . [ 8 bits ] . [ 8 bits ]

Range & Classes of IP address
Class A: 1 to 126 [127 is the loopback address & is used for troubleshooting, i.e. checking the TCP/IP stack]
Class B: 128 to 191
Class C: 192 to 223
Class D: 224 to 239
Class E: 240 to 254 [255 is a broadcast address]

Without subnetting an IP address has 2 parts: 1) N/W part 2) Host part. With subnetting an IP address has 3 parts: 1) N/W part 2) Host part 3) Subnet part.

To build a N/W, all computers must have the same N/W ID [identification] & all computers must have different host IDs.
Subnetting: the process of dividing a large N/W into small N/Ws is known as subnetting.
Subnet mask: used to differentiate the host part from the N/W part.

Class   N/W octets   Host octets   No. of N/Ws   No. of hosts
A       1            3             126           16,777,214
B       2            2             16,384        65,534
C       3            1             2,097,152     254
D       Multicast address
E       Research purpose

0 is the N/W address / default route; 127 is the loopback address; 255 is the broadcast address. A dot (.) or period is used to separate the fields.
Note: while addressing a host with an IP address, the host part should not consist of all zeros or all ones.
Note: all zeros represents the network address, all ones represents the broadcast address. For any given N/W, 2 addresses are always lost:
For Class A: 2 to the power of 24, minus 2
For Class B: 2 to the power of 16, minus 2
For Class C: 2 to the power of 8, minus 2
The host part should consist of a mix of 0s & 1s.

Private addresses
Class A: [1 N/W is reserved for private use]
Class B: to [16 N/Ws are reserved for private use]
Class C: to [256 N/Ws are reserved for private use]
(the address ranges are not given in the notes)

Class C Subnetting
Mask bits   # of hosts             Usable hosts
/24         2 to the power of 8    256-2=254
/25         2 to the power of 7    128-2=126
/26         2 to the power of 6    64-2=62
/27         2 to the power of 5    32-2=30
/28         2 to the power of 4    16-2=14
/29         2 to the power of 3    8-2=6
/30         2 to the power of 2    4-2=2
(the Subnet Mask and # of N/Ws columns are blank in the notes)

Example: 2 to the power of 4 = 16 total network addresses. Hosts: 16-2 = 14 from each network. Subnet mask: [not given]
Table of Network address / Host address range / Broadcast address for the 16 subnets [addresses not given in the notes]

Class B Subnetting
Host bits   # of hosts              Usable hosts
/16         2 to the power of 16    65536-2=65534
/17         2 to the power of 15    32768-2=32766
/18         2 to the power of 14    16384-2=16382
/19         2 to the power of 13    8192-2=8190
/20         2 to the power of 12    4096-2=4094
/21         2 to the power of 11    2048-2=2046
/22         2 to the power of 10    1024-2=1022
/23         2 to the power of 9     512-2=510
/24         2 to the power of 8     256-2=254
/25         2 to the power of 7     128-2=126
/26         2 to the power of 6     64-2=62
/27         2 to the power of 5     32-2=30
/28         2 to the power of 4     16-2=14
/29         2 to the power of 3     8-2=6
/30         2 to the power of 2     4-2=2
(the Subnet Mask column is blank in the notes)

Example: 2 to the power of 4 = 16 total network addresses. Hosts: 16-2 = 14 from each network.
Table of Network address / Host address range / Broadcast address range for the 16 subnets [addresses not given in the notes]

Class A Subnetting
Host bits   Hosts / Subnet          Usable hosts
/8          2 to the power of 24    16777216-2=16777214
/9          2 to the power of 23    8388608-2=8388606
/10         2 to the power of 22    4194304-2=4194302
/11         2 to the power of 21    2097152-2=2097150
/12         2 to the power of 20    1048576-2=1048574
/13         2 to the power of 19    524288-2=524286
/14         2 to the power of 18    262144-2=262142
/15         2 to the power of 17    131072-2=131070
/16         2 to the power of 16    65536-2=65534
/17         2 to the power of 15    32768-2=32766
/18         2 to the power of 14    16384-2=16382
/19         2 to the power of 13    8192-2=8190
/20         2 to the power of 12    4096-2=4094
/21         2 to the power of 11    2048-2=2046
/22         2 to the power of 10    1024-2=1022
/23         2 to the power of 9     512-2=510
/24         2 to the power of 8     256-2=254
/25         2 to the power of 7     128-2=126
/26         2 to the power of 6     64-2=62
/27         2 to the power of 5     32-2=30
/28         2 to the power of 4     16-2=14
/29         2 to the power of 3     8-2=6
/30         2 to the power of 2     4-2=2
(the Subnet Mask column is blank in the notes)

Example: 2 to the power of 15 = 32768 total network addresses. Hosts: 2 to the power of 9 = 512 host addresses from each network.
Table of Network address / Host address range / Broadcast address for the subnets [addresses not given in the notes]
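A classful address and subnetting calculator that reproduces the tables above (class from the first octet, networks and hosts per class, and for a given /prefix the subnet mask, number of subnets and usable hosts, plus the network / host range / broadcast rows of the worked examples). This is an added example written for these notes, not code from the original; it uses only the standard library and the sample block 192.0.2.0/24 is constructed.

```python
import ipaddress

CLASS_PREFIX = {"A": 8, "B": 16, "C": 24}   # default mask length per class
FIXED_BITS = {"A": 1, "B": 2, "C": 3}       # leading bits fixed by the class (0, 10, 110)


def ip_class(addr: str) -> str:
    """Class from the first octet, with the reserved values the notes list."""
    first = int(addr.split(".")[0])
    if first == 0:
        return "network address / default route"
    if first == 127:
        return "loopback"
    if first <= 126:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    if first <= 239:
        return "D (multicast)"
    if first <= 254:
        return "E (research)"
    return "broadcast"


def class_capacity(cls: str) -> dict:
    """Row of the class table: default mask, number of N/Ws and hosts.
    Class A additionally loses N/W 0 and N/W 127, hence 126 networks."""
    p = CLASS_PREFIX[cls]
    networks = 2 ** (p - FIXED_BITS[cls]) - (2 if cls == "A" else 0)
    return {"default_mask": str(ipaddress.IPv4Network(f"0.0.0.0/{p}").netmask),
            "networks": networks,
            "hosts": 2 ** (32 - p) - 2}        # all-zeros and all-ones removed


def subnet_row(cls: str, prefix: int) -> dict:
    """One row of the Class A/B/C subnetting tables for a /prefix: the subnet
    mask, how many subnets the class block splits into, and the usable
    hosts (2 to the power of host bits, minus network and broadcast)."""
    base = CLASS_PREFIX[cls]
    if not base <= prefix <= 30:
        raise ValueError(f"class {cls} prefix must be between /{base} and /30")
    return {"mask_bits": prefix,
            "subnet_mask": str(ipaddress.IPv4Network(f"0.0.0.0/{prefix}").netmask),
            "subnets": 2 ** (prefix - base),
            "host_bits": 32 - prefix,
            "hosts": 2 ** (32 - prefix) - 2}


def subnet_ranges(block: str, prefix: int) -> list:
    """Network address, host address range and broadcast address for every
    subnet of `block` at the new prefix (the worked examples in the notes)."""
    if prefix > 30:
        raise ValueError("prefix longer than /30 leaves no usable host range")
    rows = []
    for net in ipaddress.IPv4Network(block).subnets(new_prefix=prefix):
        hosts = list(net.hosts())
        rows.append({"network": str(net.network_address),
                     "hosts": f"{hosts[0]} to {hosts[-1]}",
                     "broadcast": str(net.broadcast_address)})
    return rows


if __name__ == "__main__":
    for cls in "ABC":
        print(cls, class_capacity(cls))
    print(subnet_row("C", 28))            # 16 subnets of 14 hosts each
    for row in subnet_ranges("192.0.2.0/24", 28):
        print(row)
```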

DEVELOPMENT OF TCP/IP
Requires: Media converter, MSAU, Repeaters.
MSAU: Multi Station Access Unit; it is used for IBM Token Ring.
Signal generator: it separates the signal & the noise.
Repeaters: a physical layer device of the OSI model. Drawback of repeaters: they amplify the signals as they are.
Media converter: a small box, a device which converts fibre optic cable input to UTP cable output and UTP cable input to fibre optic cable output; this is known as a media converter.
Connecting fibre optic cable requires: 1) SC: Subscriber Connector 2) ST: Straight Tip 3) Patch cords

Advantages of fibre optic cable
1) Cheap: Fiber optic cables cost less than copper wire, making optical cables a more economical choice when transmitting data over large distances.
2) Secure: Fiber optic cables offer more secure communications because they are highly resistant to tapping, radio frequency interference and jamming. The United States Department of Defense has been using fiber optics for secure communications for more than 25 years.
3) Low attenuation: Fiber optics experience very little data loss, even over long distances, because light travels through the fiber without experiencing attenuation or a loss of intensity over time.
4) Space saver: A single fiber optic cable can carry significantly more data than a single electrical cable, which saves space within a building or other small space.


802.6 DQDB {Distributed Queue Dual Bus}
It is a distributed multi-access network.
a. Supports integrated communications using a dual bus and distributed queuing,
b. Provides access to local or metropolitan area networks,
c. Supports connectionless data transfer, connection-oriented data transfer, and isochronous communications, such as voice communications.

802.2 LLC Sub layer {Logical Link Control}
The Logical Link Control (LLC) data communication protocol layer is the upper sub-layer of the Data Link Layer (which is itself layer 2, just above the Physical Layer) in the seven-layer OSI reference model. It provides multiplexing and flow control mechanisms that make it possible for several network protocols (IP, IPX) to coexist within a multipoint network and to be transported over the same network media. The LLC sub-layer acts as an interface between the Media Access Control (MAC) sub layer and the network layer. It is the same for the various physical media (such as Ethernet, token ring, and WLAN). As the EtherType in an Ethernet II framed frame is used to multiplex different protocols on top of the Ethernet MAC header, it can be seen as an LLC identifier.

802.7 Broad band N/W The IEEE Broadband Technical Advisory Group, chartered to develop standards for definition of a broadband cable plant design and establish guidelines for LAN construction within a physical facility such as a building. This standard has been withdrawn. An IEEE standard for a broadband local area network (LAN) using coaxial cable. This standard was developed for cable Internet companies.

802.11 Wireless communication
A Wireless Local Area Network (WLAN) links two or more devices using some wireless distribution method (typically spread-spectrum or OFDM radio), and usually provides a connection through an access point to the wider internet. This gives users the mobility to move around within a local coverage area and still be connected to the network. Wireless LANs have become popular in the home due to ease of installation and the increasing popularity of laptop computers. Public businesses such as coffee shops and malls have begun to offer wireless access to their customers, sometimes for free. Large wireless network projects are being put up in many major cities: New York City, for instance, has begun a pilot program to cover all five boroughs of the city with wireless Internet access.

802.10 Local Area Network / Wide Area Network

1. Un-patched servers
Server systems used within the corporate network, both ones exposed to the internet and internal servers that have no direct connection to the internet, represent a potential major security risk. While most IT departments would claim that they are diligent about applying patches as soon as they are available, this risk has to be taken very seriously, as even large companies (Microsoft for example) have failed to patch all servers in a timely manner, leading to disruption of internal network traffic by worms like Code Red and its variants. (Particularly at risk are internal servers that may be neglected because they don't connect directly to the internet.)

2. Un-patched client software
Many common and freely available internet client applications, in particular Internet Explorer, Outlook Express, and Outlook, contain security vulnerabilities that may be exploited by a large number of variations on worm or viral code. Many of the variations will slip past anti-virus software for several days before anti-virus software makers add their signatures to their software. Many of these threats can be negated by making sure that all web browsing and e-mail software is regularly updated with all available security patches. In the particular case of e-mail attachments, the single most dangerous and common security threat today, using Microsoft Outlook 2000 patched to at least service release 2 and having the extended attachment security option installed completely blocks all executable content in email attachments. Microsoft Office XP includes the dangerous attachment blocking automatically. It should be noted that no version of Microsoft's free Outlook Express offers effective blocking of dangerous attachments, and users of Outlook Express should therefore have an up to date anti-virus utility installed on their system in addition to training on what attachments are safe to open.

3. Insecure peer to peer file sharing
Individual users' computers often have file and printer sharing turned on, allowing files to be copied directly between computers within an office. While this is very convenient and often essential to workgroup productivity, care must be taken when deciding what folders to share. Workstation operating systems generally offer much less security than server operating systems. Network aware worms and viruses may take advantage of unprotected shared folders to spread from machine to machine within a LAN. To prevent the possible spread of viruses between computers, the root folder, program folders, and operating system folders should never be shared. Only folders containing data files should be shared, and confidential data that must be shared should be stored on a server where more security is available.

4. Insecure passwords
When possible, any resources shared on a network should be protected by allowing access only with a valid user name and password combination. Passwords should be difficult to guess, and not shared or left in plain sight (e.g. stuck to the monitor). A strong password policy allows access to resources to be restricted as needed, for example to working hours, and an individual's access to confidential data can be disabled immediately upon termination.

Protecting the Network
Being aware of the above threats and following the guidelines above will provide a reasonable level of safety for a corporate network, but additional steps are usually taken to further reduce security risks.

Firewalls and Network Address Translation
Most networks have the added security of a hardware or software firewall that blocks and discards any traffic coming into the network that is not expected. Computers behind the firewall are usually assigned special IP (Internet Protocol) addresses that cannot be routed over the internet. Network address translation is performed by a gateway router or proxy server (often integrated with the firewall) that allows computers with non-routable addresses to make requests from the internet. There is no way that unsolicited traffic from the internet can be directed to a computer with a non-routable address unless the firewall/router has been specifically programmed to pass traffic to a particular server (a web or mail server for example) behind the firewall. Unfortunately a firewall cannot prevent hostile applications running on individual workstations (such as Trojans, viruses, and worms) from opening security holes from inside a network, as the traffic can appear to be perfectly normal. Programs like Zone Alarm (which has a free version) try to identify suspicious outgoing traffic, but these need to be installed on each individual workstation and may be of limited usefulness because of a large number of false alarms.

The Bottom Line
Even if all of the above suggestions are followed to the extreme, there is still the chance that something can get past even the best planned network security; the internet will never be completely safe. These suggestions should in most cases limit potential damage to a single computer. The failure to follow these suggestions, in particular allowing unsafe peer to peer file sharing with inadequate or nonexistent passwords, could allow a hostile application to spread to a large number of computers.
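The NAT behaviour described under "Firewalls and Network Address Translation" as an added Python model; this is example code written for these notes, not part of the original document. It shows the three cases the text distinguishes: a reply to a request made from inside is mapped back to the private host, a packet for a port the administrator has explicitly published is passed to that server, and any other unsolicited packet has nothing to map to and is discarded. The last function also shows the caveat from the text: a connection opened from inside by malware creates a mapping exactly like a user's request does, so NAT alone cannot tell them apart. The gateway class, the `port_forwards` rule table and all addresses (documentation ranges 203.0.113.0/24 and 198.51.100.0/24 plus RFC 1918 space) are constructed for the example.

```python
"""Toy stateful NAT gateway with a port-forwarding table (constructed example).

Shows why unsolicited traffic from the internet never reaches a host with a
private (non-routable) address unless an explicit forwarding rule exists, and
why connections initiated from inside the LAN are allowed through regardless of
which program opened them.
"""
import ipaddress
from dataclasses import dataclass, field

# RFC 1918 blocks: addresses in these ranges are not routed on the internet.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(addr: str) -> bool:
    """True if addr is a non-routable (RFC 1918) address."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)


@dataclass
class NatGateway:
    public_ip: str
    # public port -> (inside ip, inside port): servers the administrator published
    port_forwards: dict = field(default_factory=dict)
    # public port -> (inside ip, inside port, remote ip, remote port): built on demand
    table: dict = field(default_factory=dict)
    next_port: int = 40000

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """A LAN host opens a connection: allocate a public port and remember the mapping."""
        if not is_private(src_ip):
            raise ValueError("only hosts with non-routable addresses sit behind this gateway")
        pub_port = self.next_port
        self.next_port += 1
        self.table[pub_port] = (src_ip, src_port, dst_ip, dst_port)
        return self.public_ip, pub_port          # what the remote side sees as the source

    def inbound(self, src_ip, src_port, dst_port):
        """A packet from the internet arrives at the public IP.
        Returns the inside (ip, port) it is delivered to, or None if discarded."""
        entry = self.table.get(dst_port)
        if entry is not None and entry[2:] == (src_ip, src_port):
            return entry[0], entry[1]            # reply to a request we made: allowed
        if dst_port in self.port_forwards:
            return self.port_forwards[dst_port]  # explicitly published server: allowed
        return None                              # unsolicited: nothing to map it to


def demo():
    """Constructed scenario: one published web server, one user PC, one infected PC."""
    gw = NatGateway("203.0.113.5", port_forwards={80: ("192.168.1.10", 80)})
    user_view = gw.outbound("192.168.1.20", 51000, "198.51.100.7", 443)
    reply = gw.inbound("198.51.100.7", 443, user_view[1])   # legitimate reply: delivered
    scan = gw.inbound("198.51.100.9", 4444, user_view[1])   # other host probing the mapped port: dropped
    web = gw.inbound("198.51.100.9", 4444, 80)              # published server: reaches the web host
    rdp = gw.inbound("198.51.100.9", 4444, 3389)            # nothing published on 3389: dropped
    # Malware on 192.168.1.30 calling out creates a mapping just like a user's request would,
    # which is why the notes say a firewall cannot stop holes opened from inside.
    malware_view = gw.outbound("192.168.1.30", 52000, "198.51.100.9", 8080)
    return {"user_view": user_view, "reply": reply, "scan": scan,
            "web": web, "rdp": rdp, "malware_view": malware_view}
```

Run `demo()` to see the mapping table in action; the only inbound packets that reach a private host are the reply to the request the LAN host made and the packet for the published port 80.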

Expand
1) File Allocation Table
2) Local Area Network
3) Wide Area Network
4) Campus Area Network
5) Metropolitan Area Network
6) Network Interface Card
7) Unshielded Twisted Pair
8) Shielded Twisted Pair
9) Pre-Execution Environment
10) Media Access Control
11) International Business Machine
12) American Wire Gauge
13) Copper Distributed Data Interface
14) Fibre Distributed Data Interface
15) Twisted Per Inch
16) Electro Magnetic Interface
17) Attachment Unit Interface
18) Frequency Division Multiplexing
19) Transmission Control Protocol/Internet Protocol
20) Internetworking Packet Exchange/Sequential Packet Exchange
21) Net Extend User Interface
22) British Novell Connector
23) Open System Interconnector Interface
24) International Standardization For Organization
25) User Datagram Protocol
26) Internet Protocol
27) Dynamic Host Configuration Protocol
28) Internet Network Information Centre
29) Attachment Resources Computing Network
30) Local Talk Access Protocol
31) Token Talk Access Protocol
32) Print Access Protocol
33) Apple Talk Data Stream Protocol
34) Apple Talk Session Protocol
35) Data Gram Delivery Protocol
36) Zone Information Protocol
37) Routing Table Management Protocol
38) Apple Talk Transmission Protocol
39) Network News Transmission Protocol
40) Fully Qualified Domain Name
41) Windows Internet Name Service
42) Domain Name System Or Service
43) Post Office Protocol
44) Hyper Text Markup Language
45) High Level Data Link Control
46) Sequential Data Link Control
47) Point To Point Protocol
48) Serial Line Internet Protocol
49) Command Line Interface
50) Internetworking Operating System
51) Hardware Abstraction Layer
52) Novell Directory Service
53) Active Directory Service
54) Remote Access Service
55) Client Services Netware
56) Gateway Services Netware
57) Logical Link Control
58) Auto Private Internet Protocol Address
59) Carrier Sense Multiple Access/Collision Avoidance
60) Carrier Sense Multiple Access/Collision Detection
61) Quality Of Services
62) Multistation Access Unit
63) Packet Internet Grapher
64) Institute Of Electrical And Electronics Engineering
65) Netware Link State Protocol
66) Open Shortest Path Protocol
67) Routing Information Protocol
68) Shortest Path First
69) Distributed Queue Data Bus
70) Internet Service Digital Network
71) Straight Trip
72) Subscriber Connector
73) Department Of Defense
74) Advance Research Project Agency
75) File Transfer Protocol
76) Simple Mail Transfer Protocol
77) Trivial File Transfer Protocol
78) Hyper Text Transfer Protocol
79) Address Resolution Protocol
80) Reverse Address Resolution Protocol
81) Internet Control Message Protocol
82) Simple Networking Manage Protocol
83) File & Printer
84) Netware Client Service
85) Netware Gateway Service
86) Netware Remote Processor Call
87) Data Communication Equipment
88) Binary Rate Interface
89) Analog Switch Connection
90) Digital Switch Connection
92) Time Division Multiple
93) Asynchronous Transfer Mode
94) Microsoft Challenge
95) Remote Authentication Dial In User Service
96) Serial Line Internet Protocol
97) Challenge Handshake Authentication Protocol
98) Extensible Authentication Protocol
99) Password Authentication Protocol
100) Layer 2 Tunneling Protocol
101) Bandwidth Allocation Protocol
102) Point To Point Tunneling Protocol
103) Self Monitoring Analysis Receiving Transceiver
104) Time Domain Reflect meter
105) Challenge Hand Shake Authentication Protocol

ACTIVE DIRECTORY SERVICES An active directory is a directory structure used on Microsoft Windows based computers and servers to store information and data about networks and domains.

Work group In the workgroup model, with a single user account the user can log in only from the local system where the account was created; he can't log in from all the systems. In the workgroup model only local users can be created. Note: Administrator is the built-in user and Administrators is the built-in group.

Converting workgroup model to Domain Model

A server can act as one of the following:
1) Stand-alone server
2) Member server
3) Domain controller
4) Additional domain controller

Stand-alone server

Standalone servers are independent of domain controllers on the network. They are not domain members and function more like workgroup servers. In many cases a standalone server is configured with a minimum of security control with the intent that all data served will be readily accessible to all users.

Member server
A member server is a computer that:
- Runs an operating system in the Windows 2000 Server family or the Windows Server 2003 family.
- Belongs to a domain.
- Is not a domain controller.

A member server does not process account logons, participate in Active Directory replication, or store domain security policy information. Member servers typically function as the following types of servers: file servers, application servers, database servers, Web servers, certificate servers, firewalls, and remote access servers. For more information about server roles, see Server roles.

The following security-related features are common to all member servers:
- Member servers adhere to Group Policy settings that are defined for the site, domain, or organizational unit.
- Access control for resources that are available on a member server.
- Member server users have assigned user rights.
- Member servers contain a local security account database, the Security Accounts Manager (SAM).

Domain controller
A domain controller is a computer that:
- Runs an operating system in the Windows 2000 Server family or the Windows Server 2003 family.
- Uses Active Directory to store a read-write copy of the domain database, participate in multimaster replication, and authenticate users.

Domain controllers store directory data and manage communication between users and domains, including user logon processes, authentication, and directory searches. Domain controllers synchronize directory data using multimaster replication, ensuring consistency of information over time.

Additional domain controller If you already have one domain controller in a domain, you can add additional domain controllers to the domain to improve the availability and reliability of network services. Adding additional domain controllers can help provide fault tolerance, balance the load of existing domain controllers, and provide additional infrastructure support to sites. More than one domain controller in a domain makes it possible for the domain to continue to function if a domain controller fails or must be disconnected. Multiple domain controllers can also improve performance by making it easier for clients to connect to a domain controller when logging on to the network. You can add additional domain controllers over the network or from backup media. Before adding domain controllers you should thoroughly understand Active Directory and the requirements necessary to set up additional domain controllers in an existing domain

The command used to install Active Directory services is DCPROMO: run DCPROMO to promote a server to a domain controller, and run DCPROMO again to demote (uninstall) it.

Points
1) Installing Active Directory services on a stand-alone server converts it to a domain controller.
2) To convert a stand-alone server to a domain controller, install ADS. Before installing ADS: A) the system must have at least one partition formatted with NTFS 5.0; B) the N/W card must be configured properly.
3) On a stand-alone server, local users can be created.
4) After converting a stand-alone server to a domain controller you cannot create local users.
5) To log in from the client's end to a domain controller, join the client as a member of the domain controller.
6) ADS can be installed only on the Windows 2000 or 2003 server family. It cannot be installed on 2000 or XP Professional.
7) On 2000 or XP Professional only local users can be created.
8) When I join a stand-alone server as a member of a domain controller, it becomes a Member Server.
9) Administration can be done from the member server, but the directory is updated in the domain controller, not in the member server.
10) Disjoining the member server from a domain controller converts it back to a stand-alone server.
11) The process of transferring the database from one system to another system is called Replication.
12) To support fault tolerance, create one Additional Domain Controller, which keeps an additional copy of the directory database.
13) The database updated in the domain controller is replicated to the Additional Domain Controller.

Points
a) When I connect 2 different parent domains, by default there is no relationship between them.
b) In this case users in one domain cannot authenticate in the other domain, and users in the other domain cannot authenticate in this domain.
c) In this case the user has to establish the relationship manually. This relationship is known as TRANSITIVE TRUST.
d) A NON TRANSITIVE TRUST is established in one way (one direction).
e) B/W a parent and a child domain a 2-way trust relationship is established by default; this is known as Transitive Trust. It means users in one domain can authenticate in the other domain and users in the other domain can authenticate in this domain, because both domains trust each other.

Figure: A one way Non Transitive Trust between HOD.COM and a second domain, each shown with Pc1, Pc 2, Pc 3.


In this trust one domain has to be configured as the Trusted Domain (where the user accounts are) and the other domain has to be configured as the Trusting Domain.

In the one way Non Transitive Trust shown in the figure above, users in the MD domain can authenticate in the other domain, but users in the other domain cannot authenticate in the MD domain. The arrow indicates Trusted to Trusting.
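The two trust shapes described above, the default two-way transitive trust between a parent and its child domains (point e) and the manually created one-way non-transitive trust in the figure, as an added Python model; this is example code written for these notes, not part of the original document. The direction follows the notes: the Trusted domain holds the accounts and the Trusting domain accepts them. The `Forest` class, the child domains sales.hod.com and dev.hod.com and the domain name md.com are constructed for the example (HOD.COM and the MD domain are the names the notes use).

```python
"""Toy model of domain trusts: who can authenticate where (constructed example).

Trusted domain = where the user accounts live; Trusting domain = the domain that
lets those accounts log on. A transitive trust also extends to whatever the
trusted domain itself trusts; a non-transitive trust covers only the two
domains that made it.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Trust:
    trusting: str     # domain that lets the other domain's users log on
    trusted: str      # domain where the user accounts live
    transitive: bool  # True: extends to domains the trusted domain trusts


class Forest:
    def __init__(self):
        self.trusts = set()

    def add_parent_child(self, parent: str, child: str) -> None:
        """Parent and child domain get a two-way transitive trust by default."""
        self.trusts.add(Trust(trusting=parent, trusted=child, transitive=True))
        self.trusts.add(Trust(trusting=child, trusted=parent, transitive=True))

    def add_one_way(self, trusting: str, trusted: str) -> None:
        """Manually created one-way non-transitive trust (arrow: trusted -> trusting)."""
        self.trusts.add(Trust(trusting=trusting, trusted=trusted, transitive=False))

    def can_authenticate(self, user_domain: str, resource_domain: str) -> bool:
        """Can an account from user_domain log on in resource_domain?"""
        if user_domain == resource_domain:
            return True
        # A direct trust from the resource domain works whether or not it is transitive.
        for t in self.trusts:
            if t.trusting == resource_domain and t.trusted == user_domain:
                return True
        # Beyond one hop, only transitive trusts are followed.
        seen = {resource_domain}
        frontier = [resource_domain]
        while frontier:
            d = frontier.pop()
            for t in self.trusts:
                if t.trusting == d and t.transitive and t.trusted not in seen:
                    if t.trusted == user_domain:
                        return True
                    seen.add(t.trusted)
                    frontier.append(t.trusted)
        return False


def build_example() -> Forest:
    """Constructed forest: hod.com with two child domains, plus a one-way trust to md.com."""
    f = Forest()
    f.add_parent_child("hod.com", "sales.hod.com")
    f.add_parent_child("hod.com", "dev.hod.com")
    f.add_one_way(trusting="hod.com", trusted="md.com")   # hod.com accepts md.com accounts
    return f
```

With `build_example()`, a sales.hod.com user can log on in dev.hod.com because both child domains trust the parent transitively, an md.com user can log on in hod.com but not the reverse, and an md.com user cannot log on in sales.hod.com because the one-way trust does not extend past the domain that made it.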

Parent Domain

Schema A schema is a set of rules which defines the tree structure.

A collection of trees is known as a Forest. By default the name of the Active Directory database is NTDS.

PROFILE
Profile: the user's desktop environment. Profiles are divided into 2 types: 1) Software profile 2) Hardware profile.

Local profile: stored in the C:\Documents and Settings\username folder. The profile file is NTUSER.DAT in the directory named after the user. Drawback: the user does not get the same desktop on another system when logging in there.

Mandatory profile: discards any changes the user makes to their profile at logoff time; it can be implemented by renaming the user profile file ntuser.dat. The ntuser.ini file is used to set up the user roaming profile components that are not copied to the server. The ntuser.dat.log file is used for ntuser.dat file recovery in the case of an error. Additional folders in the C:\Documents and Settings\username folder are: Desktop, Start Menu, My Documents, and Cookies. The user can change the desktop.

Roaming profile: stored on an NT server and downloaded to the computer that the user logs onto, so the same user's profile is available on any machine. It is the profile that is updated in the Domain controller. Disadvantage: in a roaming profile, whenever the user logs off the changes are uploaded. Drawback: background changes are updated.

RAID (Redundant Array of Independent Disks)

Basic disk vs dynamic disk:

BASIC                          DYNAMIC
Manufacture                    Not available
Disk Partition                 Volume
Supports all OS                2000 family
Convert basic to dynamic       Can't convert

Simple Volume: the process of extending the size within a single drive is known as a simple volume. We can create volumes after converting basic disks to dynamic; a minimum of a single disk and up to 32 disks is required. In a simple volume we can extend the volume as much as possible within the disk region. A simple volume is not fault tolerant.

Spanned volume: after upgrading the basic disk to dynamic we can create a spanned volume. We can extend the size of a volume by utilizing the free space from more than 1 disk. Writing starts on the 1st disk and, after that is full, continues on the 2nd hard disk; data is written one after another. It won't support fault tolerance. The system partition can't be extended. Only NTFS partitions can be extended. Uneven sizes of space from different disks can be put together to create a volume. If any 1 disk fails the whole volume will crash.

RAID "0" or Stripe Volume: it requires a minimum of 2 HDD and a maximum of 32 HDD. On this volume an even amount of space from all the disks is put together to create a volume; it takes the smallest space available from each disk and creates the volume. Data is written simultaneously to all the disks at a time, and the volume can be extended. It is used for even sizes and performance. Disadvantage: it won't support fault tolerance; there is no redundancy.

RAID "1" or Mirroring & Duplexing Volume: in order to create mirroring a minimum of 2 HDD and a maximum of 2 HDD are needed, and we should combine HDDs having the same RPM (Rotations per Minute). After creating a mirrored volume, data is automatically copied as-is to the other disk. If we connect the 2 HDD on a particular IDE channel then it is Mirroring; with one HDD on IDE 0 and one HDD on IDE 1 it is Duplexing. It supports fault tolerance. We can break the mirroring, which makes 2 separate volumes with no fault tolerance, and we can remove a disk, which removes the whole disk.

RAID "5" or Striping with parity Volume: it requires a minimum of 3 HDD and a maximum of 32 HDD. It supports fault tolerance; here also only an even amount of space from all the disks can be clubbed together. In this method 67% of the space is written with data across all the disks and 33% of the space is reserved for the parity information.

Figure: a Bridge with Port 1 (pc1 attached) and Port 2, connected to a HUB with ports 3, 4 and 5.

A network bridge, also known as a layer 2 switch, is a hardware device used to create a connection between two separate computer networks or to divide one network into two. Both networks usually use the same protocol; Ethernet is an example of a protocol. Network devices include, but are not limited to, Personal Computers (PCs), printers, routers, switches and hubs. Devices connected to a network via an Ethernet adapter card have what is known as a Media Access Control (MAC) address, also called a physical or hardware address. It is this address that uniquely identifies a device to a bridge, which can then determine to which network the device is connected. The principal function of a network bridge is to forward data based on the MAC addresses of the sending and receiving devices. This operation helps to eliminate what are known as collision domains. One way of defining a collision domain is a network in which one device, also called a node, forces every other device to listen when it is transmitting data packets. Another definition states that a collision domain exists when two or more devices attempt to transmit information at the exact same time. Networks running Carrier Sense Multiple Access/Collision Detection (CSMA/CD) should, in theory, be protected from collisions occurring, but CSMA/CD can fail. Whenever collisions occur, the efficient transmission of data packets is greatly compromised. The more devices that are on a network trying to transmit data, the greater the chance for a collision to occur. A network bridge can be used to segment one network into two, thereby reducing the number of devices competing for transmission privileges. For example, if network A has 20 devices, there is the likelihood that two or more of them will attempt to transmit data at the same time and cause a collision. If a network bridge is added, it can split network A into networks A and B of 10 devices each.

Once the network bridge is incorporated, it will begin to "listen" to the transmission of data performed by devices on the two networks. It accomplishes this by recording the MAC addresses of the devices in a table that it generates automatically without being programmed to do so. When the first device transmits data, the network bridge will add its MAC address to what is known as a forwarding table for future reference. The bridge also looks at the MAC address of the destination or receiving device. If it does not appear in its table, the bridge will broadcast the data packet to all devices on both networks to locate the intended destination. Forwarding tables are not instantly built; rather, the network bridge has to wait until it receives a transmission from a device before it can learn its MAC address. MAC addresses of receiving devices also have to be learned via broadcast, a search for the location of the destination. Once the destination responds, its address is also added to the forwarding table of the network bridge. Eventually, all MAC addresses will be captured and data packets will be efficiently forwarded straight to their destination. This will happen without all devices having to listen to one transmitting device.

When the sending and receiving devices are on the same network, no forwarding of data packets takes place. If they are on opposite networks, the bridge will forward the information. The prevention of collisions is not the only advantage of using bridges; they are also used to control the flow of information to maintain privacy. When a device transmits, it is seen by the bridge as a MAC address that belongs to one of two separate networks, and if the sending and receiving devices are on the same network, the data will not be forwarded. This is one way a network administrator might maintain privacy of information.

Features of bridge
It isolates 2 different collision domains.
It doubles the bandwidth.
It reduces the traffic.
Disadvantage
In a bridge all the ports must have the same N/W ID, whereas using a router we can connect different N/Ws.
Advantage
Different types of N/Ws can be connected, like 1) Ethernet with token ring 2) Token ring with Ethernet.

This is possible because the bridge acts like a translator, which accepts the frame from an Ethernet N/W and translates it into a format that will be understood by the token ring N/W (and vice versa).



Bridge vs Router

     BRIDGE                                          ROUTER
1)   Builds its table based on MAC addresses         Builds its table based on the network address
2)   All the ports must have the same network number It can connect different network numbers
3)   Unknown addresses will be forwarded             It will filter the unknown address
4)   Forwards the broadcast address                  It won't forward the broadcast address

Bridge vs Switch

                 BRIDGE                              SWITCH
1) Switch mode   Store & forward                     Store & forward
2) Duplexing     Functions in only half duplex       Functions in both half duplex & full duplex
3) FPS           50,000                              >1 Million (a switch has more FPS)
4) Ports         2 to 16                             100

The bridge will forward frames with an unknown destination address to all the other ports, except the port on which it received the frame. The bridge uses the Spanning Tree Protocol (STP). Spanning tree protocol: a set of rules which dynamically selects the path by communicating between the bridges when the bridges are connected in parallel to provide redundancy.
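The forwarding-table behaviour described in the bridge section above and summarized in the Bridge vs Router table (learn the source MAC, flood unknown and broadcast destinations out of every port except the ingress port, filter frames whose destination is on the same segment; a router instead forwards by network, drops unknown networks and never forwards broadcasts), as an added Python simulation. This is example code written for these notes, not part of the original document. The `Bridge` and `Router` classes, the static `routes` table and all MAC and IP addresses (IANA documentation ranges) are constructed for the example.

```python
"""Toy learning bridge next to a toy router (constructed example).

Bridge: forwarding table keyed on MAC address, built by listening; unknown
and broadcast destinations are flooded out of every port except the ingress.
Router: table keyed on destination network; unknown networks are dropped
rather than flooded, and the broadcast address is never forwarded.
"""
import ipaddress
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str   # sender MAC
    dst: str   # destination MAC


@dataclass
class Bridge:
    ports: tuple
    table: dict = field(default_factory=dict)   # MAC -> port, learned automatically

    def receive(self, in_port: int, frame: Frame) -> list:
        """Return the ports the frame is sent out of ([] means it was filtered)."""
        self.table[frame.src] = in_port          # learn which port the sender lives behind
        if frame.dst == BROADCAST or frame.dst not in self.table:
            return [p for p in self.ports if p != in_port]   # flood, never back out the ingress port
        out_port = self.table[frame.dst]
        return [] if out_port == in_port else [out_port]     # same segment: not forwarded


@dataclass
class Router:
    routes: dict   # network in CIDR notation -> port (hypothetical static routing table)

    def receive(self, in_port: int, dst_ip: str) -> list:
        """Return the port a packet for dst_ip leaves on ([] means dropped)."""
        if dst_ip == "255.255.255.255":          # broadcast address is not forwarded
            return []
        ip = ipaddress.ip_address(dst_ip)
        for net, port in self.routes.items():
            if ip in ipaddress.ip_network(net):
                return [port]
        return []                                # unknown network: filtered, not flooded


def demo() -> list:
    """Constructed traffic on a 3-port bridge: pc1 on port 1, pc2 on port 2, pc3 on port 3."""
    pc1, pc2, pc3 = "00:00:5e:00:53:01", "00:00:5e:00:53:02", "00:00:5e:00:53:03"
    pc4 = "00:00:5e:00:53:04"                    # a second host on pc1's segment
    b = Bridge(ports=(1, 2, 3))
    log = []
    log.append(b.receive(1, Frame(pc1, pc2)))         # pc2 unknown: flooded to ports 2 and 3
    log.append(b.receive(2, Frame(pc2, pc1)))         # pc1 known on port 1: forwarded there only
    log.append(b.receive(3, Frame(pc3, BROADCAST)))   # broadcast: ports 1 and 2
    log.append(b.receive(1, Frame(pc4, pc1)))         # pc1 is on the ingress segment: filtered
    log.append(b.receive(2, Frame(pc2, pc4)))         # pc4 was learned on port 1 just now
    return log
```

Running `demo()` gives `[[2, 3], [1], [1, 2], [], [1]]`: the first frame is flooded because nothing is known yet, and by the last frame every host has been learned from the frames it sent, so traffic goes only where it is needed.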



Copyright ©2017 KUPDF Inc.