IPv6 Addresses

The 128-bit address used in IPv6 allows for a far greater number of addresses and subnets (enough space for 10^15 endpoints; the address space itself holds 2^128, or 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses in total). IPv6 was designed to give every user on Earth multiple global addresses that can be used for a wide variety of devices, including cell phones, PDAs, IP-enabled vehicles, consumer electronics, and many more. In addition to providing more address space, IPv6 has the following advantages over IPv4: Easier address...

Unified Wireless and Location Services Architecture

The Cisco Unified Wireless solution provides an integrated infrastructure for location-based services. This solution leverages the same wireless network infrastructure as corporate wireless access for employees. It can locate and track 802.11 Wi-Fi clients and 802.11 Wi-Fi tags. Because many types of RFID tags are not Wi-Fi-enabled, meaning that they do not use 802.11 wireless, a bridging device is needed. Such devices are called RFID chokepoints. Chokepoints can read the RFID tags and then...


Dynamically Allocated IP Addresses

A network administrator is responsible for deciding which devices receive which IP addresses in a corporate network. The admin assigns an IP address to a device in one of two ways: by configuring the device with a specific (static) address, or by letting the device automatically learn its address from the network. Dynamic Host Configuration Protocol (DHCP) is the protocol used for automatic IP address assignment. Dynamic addressing saves considerable administrative effort and conserves IP addressing...

Problems with Loops

Although redundancy can prevent a single point of failure from causing the entire switched network to fail, it can also cause problems such as broadcast storms, multiple copies of frames, and MAC address table instability. A broadcast storm is the endless flooding of frames around a loop; an Ethernet frame carries no hop count or lifetime, so nothing ever removes it from a looped topology, and a storm can quickly shut down a network. An example of a broadcast storm is shown here.
1. A broadcast frame is sent by another segment and is received by the top ports of switches A and B.
2. Both switches...

Network Availability

One of the most important aspects of networking is keeping the network running at all times, under any circumstances, even during times of excessive use or stress. Actually, especially during times of excessive use or stress. Why? Because a downed network can mean millions of dollars per minute in lost revenue. Consider a large retailer with 3000 stores that processes hundreds of credit card transactions per minute. If it cannot accept credit card purchases, it delays or loses sales. The first...

Sometimes the Earth Is Flat

As with most networking technologies, there has been a pendulum effect in the popularity of Layer 2 bridged (flat) networks versus Layer 3 routed networks. Cisco's initial business was built on convincing customers to insert routers into their predominantly flat, bridged networks, both to forward traffic more efficiently and to reduce the number of users affected when broadcast storms and loops occurred. However, in the mid-1990s, LAN switches became wildly popular for replacing bridges and...


Monitoring Asset Location

Information about the signals received from Wi-Fi clients and devices is collected by the Cisco Location Appliance. The data can then be combined with building floor plans or local maps to form a visual map of Wi-Fi devices using WCS. Filters can be applied to view assets with desired characteristics. Determining the presence and location of rogue devices, such as unauthorized wireless APs, is also possible. Third-party applications can be integrated to provide tracking of other types of...

Port Numbers

TCP and UDP can carry data from several upper-layer applications over the same network connection at the same time. Port numbers (also called socket numbers) are used to keep track of the different conversations crossing the network at any given time. The well-known port numbers are controlled by the Internet Assigned Numbers Authority (IANA); for example, Telnet is always defined by port 23. Applications that do not use well-known port numbers are assigned numbers, usually chosen at random by the operating system, from a specific (ephemeral) range. The use of port...
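The demultiplexing described above, as an added example that is not from the book: it parses the port numbers out of raw IPv4 packets, classifies them by IANA range, and groups packets into conversations so that a request on a well-known port and the reply to the client's ephemeral port land in the same entry. The packets, addresses and port values are constructed for the example.

```python
import struct

# IANA ranges: 0-1023 well-known, 1024-49151 registered, 49152-65535 dynamic (ephemeral)
WELL_KNOWN_NAMES = {22: "ssh", 23: "telnet", 53: "dns", 80: "http", 443: "https"}

def port_class(port: int) -> str:
    """Classify a port number by IANA range."""
    if not 0 <= port <= 65535:
        raise ValueError("port out of range")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"

def build_packet(proto: int, src: str, sport: int, dst: str, dport: int) -> bytes:
    """Constructed sample: a minimal IPv4 header followed by the first four bytes
    (source port, destination port) of a TCP (6) or UDP (17) header."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    ip_header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0, src_b, dst_b)
    return ip_header + struct.pack("!HH", sport, dport)

def parse_five_tuple(packet: bytes):
    """Return (proto, src, sport, dst, dport) from a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes, options included
    proto = packet[9]
    if proto not in (6, 17):
        raise ValueError(f"protocol {proto} has no port numbers")
    if len(packet) < ihl + 4:
        raise ValueError("truncated transport header")
    src = ".".join(str(b) for b in packet[12:16])
    dst = ".".join(str(b) for b in packet[16:20])
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return ("tcp" if proto == 6 else "udp", src, sport, dst, dport)

def conversations(packets):
    """Count packets per conversation. Both directions of a flow share one key,
    so a request and its reply are counted in the same entry."""
    table = {}
    for pkt in packets:
        proto, src, sport, dst, dport = parse_five_tuple(pkt)
        key = (proto,) + tuple(sorted([(src, sport), (dst, dport)]))
        table[key] = table.get(key, 0) + 1
    return table

# Constructed sample traffic: one Telnet session and one DNS query from the same client.
SAMPLE_PACKETS = [
    build_packet(6, "10.1.1.25", 51234, "10.1.1.1", 23),   # Telnet request from an ephemeral port
    build_packet(6, "10.1.1.1", 23, "10.1.1.25", 51234),   # reply, same conversation
    build_packet(17, "10.1.1.25", 51235, "10.1.1.1", 53),  # DNS query, a second conversation
]

if __name__ == "__main__":
    for key, count in conversations(SAMPLE_PACKETS).items():
        proto, (a, ap), (b, bp) = key
        server_port = min(ap, bp)
        print(f"{proto} {a}:{ap} <-> {b}:{bp}: {count} packet(s), "
              f"service {WELL_KNOWN_NAMES.get(server_port, '?')} ({port_class(server_port)})")
```

The conversation key sorts the two endpoints so the direction of a packet does not matter; this is the same idea a stateful firewall or flow collector uses to pair a reply with the request that caused it.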

SONET

Synchronous Optical Network (SONET) is a Layer 1 technology that supports the high transmission rates (155 Mbps to 10 Gbps) needed in metro applications. SONET serves as a backbone transport for other technologies such as Ethernet and ATM. It is commonly used by service providers for transport (metro and long-haul). SONET also has extensive OAM&P (operations, administration, maintenance, and provisioning) capabilities, allowing precise fault detection and rapid (50 ms) failover. Highly...

Subnet Masks

Routers use a subnet mask to determine which parts of the IP address correspond to the network, the subnet, and the host. The mask is a 32-bit number in the same format as the IP address. The mask is a string of consecutive 1s starting from the most-significant bits, representing the network ID, followed by a string of consecutive 0s, representing the host ID portion of the address bits. Each address class has a default subnet mask (Class A /8, Class B /16, Class C /24). The default subnet masks only the network...

SONET, DWDM, and DPT

Three primary optical technologies are employed today:
- Synchronous Optical Network (SONET)
- Dense wavelength division multiplexing (DWDM)
- Dynamic packet transport (DPT)
All three convert electrical signals into light and vice versa. Fiber-Optic Transmission Systems (FOTS) do the conversion. Fiber-optic signals are not susceptible to electrical interference. The signals can transmit over long distances and send more information than traditional electrical transports. The combination of these benefits...

ISDN Device Types and Reference Points

ISDN specifies both the equipment and the connection points between equipment to ensure compatibility with the PSTN and among ISDN vendors.
TE1 (terminal endpoint 1): Devices that have a native ISDN interface.
NT2 (network termination 2): An NT2 aggregates and switches all ISDN lines at the customer site using a customer switching device.
NT1 (network termination 1): NT1s convert signals into the form used by the ISDN line. An NT1 plugs into a standard phone jack.
TE2 (terminal endpoint...

Malicious DHCP Server

Attackers can answer legitimate DHCP requests from a rogue DHCP server so that the malicious responses hand the victim a default gateway or DNS server under the attacker's control, giving the attacker control over where a legitimate user's device sends its traffic. This can also be used to usurp the legitimate device's access to the network for illegitimate purposes. Hackers can also attempt to flood the legitimate DHCP server with requests for addresses (each carrying a different spoofed client MAC address) to either overrun the server or exhaust the pool of available addresses, thereby denying service to legitimate users. If you enable DHCP snooping, DHCP requests per port can be...
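Both defenses described above, as an added example that is not the book's or Cisco's code: a small DHCP-snooping style filter that parses DHCP messages off the wire, drops server messages (OFFER, ACK, NAK) arriving on any port not marked trusted, rate-limits client messages per port, and records the address confirmed by a trusted ACK in a binding table. Port names, the server address and the sample messages are constructed for the example.

```python
import struct
from collections import defaultdict

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END, OPT_PAD = 53, 54, 255, 0
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}
SERVER_MSGS = {"OFFER", "ACK", "NAK"}   # only a DHCP server should ever send these

def build_dhcp(op, msg_type, client_mac, server_id=b"", yiaddr=b"\0" * 4):
    """Constructed sample message: a minimal BOOTP header, the DHCP magic cookie,
    then option 53 (message type) and, for server messages, option 54 (server identifier)."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                         op, 1, 6, 0, 0x3903F326, 0, 0,
                         b"\0" * 4, yiaddr, b"\0" * 4, b"\0" * 4,
                         client_mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    options = bytes([OPT_MSG_TYPE, 1, msg_type])
    if server_id:
        options += bytes([OPT_SERVER_ID, 4]) + server_id
    return header + MAGIC_COOKIE + options + bytes([OPT_END])

def parse_dhcp(payload):
    """Return (op, yiaddr, client MAC, options) from a raw DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op, yiaddr, chaddr = payload[0], payload[16:20], payload[28:34]
    options, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        options[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return op, yiaddr, chaddr, options

class DhcpSnooper:
    """Snooping state for one switch: trusted ports, per-port client-message
    counters for the current rate-limit interval, and the binding table."""

    def __init__(self, trusted_ports, max_client_msgs_per_interval=10):
        self.trusted = set(trusted_ports)
        self.limit = max_client_msgs_per_interval
        self.client_msgs = defaultdict(int)
        self.bindings = {}          # client MAC -> address confirmed by a trusted ACK

    def new_interval(self):
        """Reset the per-port counters; call once per rate-limit interval."""
        self.client_msgs.clear()

    def handle(self, port, payload):
        """Decide (action, reason) for one DHCP message seen on `port`."""
        op, yiaddr, mac, options = parse_dhcp(payload)
        mtype = MSG_TYPES.get(options.get(OPT_MSG_TYPE, b"\0")[0], "UNKNOWN")
        if mtype in SERVER_MSGS:
            if port not in self.trusted:
                return "DROP", f"{mtype} from a server on untrusted port {port}"
            if mtype == "ACK":
                self.bindings[mac] = ".".join(str(b) for b in yiaddr)
            return "FORWARD", f"{mtype} from trusted port {port}"
        self.client_msgs[port] += 1
        if self.client_msgs[port] > self.limit:
            return "DROP", f"{mtype} exceeds {self.limit} client messages per interval on {port}"
        return "FORWARD", f"{mtype} from client on {port}"

if __name__ == "__main__":
    mac, server = b"\xaa\xbb\xcc\xdd\xee\x01", b"\x0a\x01\x01\x01"
    snoop = DhcpSnooper(trusted_ports={"Gi1/0/24"}, max_client_msgs_per_interval=3)
    print(snoop.handle("Gi1/0/1", build_dhcp(1, 1, mac)))
    print(snoop.handle("Gi1/0/2", build_dhcp(2, 2, mac, server, b"\x0a\x01\x01\x32")))  # rogue
    print(snoop.handle("Gi1/0/24", build_dhcp(2, 5, mac, server, b"\x0a\x01\x01\x32")))
    print(snoop.bindings)
```

The binding table is the part worth noticing: once the switch knows which address a trusted server actually leased to which MAC on which port, it can check later ARP and IP traffic against that record, which is how a rogue host is prevented from claiming an address it never received.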

Rogue Access Points

Rogue or unauthorized wireless access points pose a serious security threat to a network. Locating and shutting down such unauthorized APs can be difficult without automated detection and location systems. The Cisco Unified Wireless solution uses authorized wireless access points to scan the environment for rogue access points. Detection information is provided to the wireless LAN controllers (WLCs), which can then assist in correlation and isolation and provide the information to the WCS. Wireless topology...

Identifying Subnet Addresses

This subnet mask can also be written as /24, where 24 is the number of 1s in the subnet mask. Given an IP address and subnet mask, you can identify the subnet address, broadcast address, and first and last usable addresses within a subnet as follows:
1. Write down the 32-bit address in binary, with the subnet mask below it (174.24.4.176/26 is shown in the following figure).
2. Draw a vertical line just...
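The pencil-and-paper procedure above carried out in code, as an added example that is not from the book. It does the same AND with the mask for the subnet address and OR with the inverted mask for the broadcast address, and it also handles the /31 and /32 cases, which the manual method does not cover.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SubnetInfo:
    network: str
    broadcast: str
    first_usable: str
    last_usable: str
    mask: str
    prefix: int
    usable_hosts: int

def ip_to_int(dotted: str) -> int:
    """'174.24.4.176' -> 32-bit integer, validating each octet."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | n
    return value

def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix: int) -> int:
    """/26 -> 0xFFFFFFC0: `prefix` ones from the most-significant bit, then zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def to_binary(dotted: str) -> str:
    """Dotted decimal -> dotted binary, the form written out in the manual method."""
    return ".".join(format(int(o), "08b") for o in dotted.split("."))

def subnet_info(cidr: str) -> SubnetInfo:
    addr_text, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    addr, mask = ip_to_int(addr_text), prefix_to_mask(prefix)
    network = addr & mask                       # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits set
    host_bits = 32 - prefix
    if host_bits >= 2:
        first, last, usable = network + 1, broadcast - 1, (1 << host_bits) - 2
    elif host_bits == 1:
        # /31 point-to-point link (RFC 3021): no broadcast address, both addresses are hosts
        first, last, usable = network, broadcast, 2
    else:
        first, last, usable = network, broadcast, 1     # /32 host route
    return SubnetInfo(int_to_ip(network), int_to_ip(broadcast), int_to_ip(first),
                      int_to_ip(last), int_to_ip(mask), prefix, usable)

if __name__ == "__main__":
    info = subnet_info("174.24.4.176/26")
    print("address  ", to_binary("174.24.4.176"))
    print("mask     ", to_binary(info.mask))
    print(info)
```

For 174.24.4.176/26 the mask is 255.255.255.192, the subnet address is 174.24.4.128, the broadcast address 174.24.4.191, and the usable range 174.24.4.129 through 174.24.4.190, 62 hosts.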

Why Should I Care About QoS

QoS refers to a network's perceived and measured performance, typically thought of in terms of the sound quality of a voice call or the availability of critical data. Without implementing a QoS strategy, applications such as Unified Communications, videoconferencing, and mission-critical data applications are subject to best-effort (nonguaranteed) transmission. This can result in choppy voice or video during times of network congestion or loss of critical data. The figure illustrates the...

Open Versus Proprietary Systems

Although the open-source model is well-known today, when the OSI model was being developed, there was an ongoing struggle to balance technical openness with competitive advantage. At that time, each individual network equipment vendor saw it as an advantage to develop technologies that other companies could not copy or interact with. Proprietary systems let a vendor claim competitive advantage as well as collect fees from other vendors it might choose to share the technology with. However,...

Anarchists, Crackers, and Kiddies

So who are these people, and why are they attacking your network? Anarchists just like to break stuff. They usually exploit any target of opportunity. Crackers are hobbyists or professionals who break passwords and develop Trojan horses or other software (called warez). They either use the software themselves (for bragging rights) or sell it for profit. Script kiddies are hacker wannabes. They have no real hacker skills, so they buy or download warez, which they launch. Others include...

Identity Based Networking

Most modern corporate networks do not provide access to network services to a device or user without first establishing the device's or user's entitlement to those services. Identity-Based Networking Services (IBNS) lets network administrators restrict access to devices that can prove their identity to the network. Identity may involve different types of credentials for different devices. For example, a laptop or computer may require the user to enter his or her corporate user ID and password....

Second Order Traffic Anomaly

Traffic spikes are pretty common in networking. Because networks typically are oversubscribed (as described in Part III, "Network Design"), seeing spikes that exceed bandwidth thresholds is expected and can even be tolerated. However, when the spikes turn into plateaus (meaning that the thresholds are exceeded for a sustained period), the network could be under attack. These sustained periods of very high usage are called second-order traffic anomalies. They are the reason that scavenger QoS...

History of Ethernet

Robert Metcalfe developed Ethernet at the famous Xerox Palo Alto Research Center (PARC) in 1972. The folks at Xerox PARC had developed a personal workstation with a graphical user interface. They needed a technology to network these workstations with their newly developed laser printers. (Remember, the first PC, the MITS Altair, was not introduced to the public until 1975.) Metcalfe originally called this network the Alto Aloha Network. He changed the name to Ethernet in 1973 to make it clear...

Why Should I Care About the OSI Model

The Open Systems Interconnection (OSI) model is a conceptual framework that defines network functions and schemes. The framework simplifies complex network interactions by breaking them into simple modular elements. This open-standards approach allows many independent developers to work on separate network functions, which can then be combined in a plug-and-play manner. The OSI model serves as a guideline for creating and implementing network standards, devices, and internetworking schemes....

Efficient Deployment of Critical Data

In an effort to improve business productivity, corporations are implementing web and Internet applications such as customer relationship management (CRM), enterprise resource planning (ERP), and e-mail. This move has resulted in the accumulation of large amounts of corporate data, and these voluminous stores of data are critical to a company's operation. Large amounts of data require large amounts of storage. SANs have emerged as the premier technology for advanced storage requirements. SANs...

Virtual Circuits

Frame Relay connections are established using logical connections called virtual circuits. Virtual circuits can pass through several DCE devices throughout the Frame Relay Packet-Switched Network (PSN). Several virtual circuits can be multiplexed into a single physical circuit for transmission across the network. The two types of virtual circuits are switched virtual circuits (SVC) and permanent virtual circuits (PVC). An SVC is a temporary connection used for sporadic data transfer between DTE...

WAN Services

Three types of transport are used with WANs:
Point-to-point: Also known as a leased line, a point-to-point connection is a pre-established link from one site, across a service provider's network, to a remote site. The carrier establishes the point-to-point link for the customer's private use.
Circuit switching: A service provider establishes a dedicated physical circuit into a carrier network for two or more connections. Unlike point-to-point, which has exactly two sites connected to a single...

The OSI Model

At some point, everyone involved with networking comes across a reference to the Open Systems Interconnection (OSI) seven-layer model. Because this model provides the architectural framework for all of network and computing communication, it's a good place to start. Even if you don't ever plan on setting up your own network, being familiar with this model is essential to understanding how it all works. The OSI seven-layer model describes the functions for computers to communicate with each...

Evolution of Ethernet

When Metcalfe originally developed Ethernet, computers were connected to a single copper cable. The physical limitations of a piece of copper cable carrying electrical signals restricted how far computers could be from each other on an Ethernet. Repeaters helped alleviate the distance limitations. Repeaters are small devices that regenerate an electrical signal at the original signal strength. This process allows an Ethernet to extend across an office floor that might exceed the Ethernet...

ARP Poisoning Spoofing

Address Resolution Protocol (ARP) is how a device on a LAN learns the MAC address that goes with an IP address it wants to reach: it broadcasts a request, and the owner of the address replies. ARP has no authentication, and most hosts will update an existing cache entry from a reply they never asked for. Attackers exploit this by sending unsolicited (gratuitous) ARP replies that bind a legitimate user's IP address, or the default gateway's, to the attacker's MAC address, poisoning the ARP caches of the victim and of the gateway. As soon as the hacker has inserted himself into the path, he can conduct man-in-the-middle attacks, sniff passwords, or siphon off data. [Figure: Attacker 10.1.1.25, Victim...]
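Detecting the poisoning described above, as an added example that is not from the book: a passive monitor in the spirit of arpwatch or Dynamic ARP Inspection. It parses ARP packets, remembers which MAC last claimed each IP, and raises an alert for a reply nobody requested, for an IP that changes MAC, and for a claim that contradicts a trusted binding (the trusted table is assumed to come from DHCP snooping; here it is supplied by hand). The addresses and packets are constructed for the example.

```python
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FMT = "!HHBBH6s4s6s4s"       # htype, ptype, hlen, plen, op, sha, spa, tha, tpa

def mac_bytes(mac): return bytes.fromhex(mac.replace(":", ""))
def ip_bytes(ip): return bytes(int(o) for o in ip.split("."))
def mac_str(b): return ":".join(f"{x:02x}" for x in b)
def ip_str(b): return ".".join(str(x) for x in b)

def build_arp(op, sha, spa, tha, tpa):
    """Constructed ARP body (Ethernet header omitted) for IPv4 over Ethernet."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))

def parse_arp(pkt):
    if len(pkt) < 28:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported ARP encoding")
    return op, mac_str(sha), ip_str(spa), mac_str(tha), ip_str(tpa)

class ArpMonitor:
    def __init__(self, trusted_bindings=None):
        self.trusted = dict(trusted_bindings or {})   # ip -> mac from an authoritative source
        self.seen = {}                                 # ip -> mac last observed on the wire
        self.pending = set()                           # target IPs with an outstanding request

    def observe(self, pkt):
        """Feed one ARP packet; returns the list of alerts it triggered (empty if benign)."""
        alerts = []
        op, sha, spa, tha, tpa = parse_arp(pkt)
        if op == ARP_REQUEST:
            if spa != tpa:      # a gratuitous request asks about the sender's own address
                self.pending.add(tpa)
        elif op == ARP_REPLY:
            if spa not in self.pending:
                alerts.append(f"unsolicited reply: {spa} is-at {sha}")
            self.pending.discard(spa)
        if spa == "0.0.0.0":    # ARP probe from a host with no address yet: nothing to learn
            return alerts
        if spa in self.trusted and self.trusted[spa] != sha:
            alerts.append(f"claim contradicts trusted binding: {spa} is {self.trusted[spa]}, not {sha}")
        elif spa in self.seen and self.seen[spa] != sha:
            alerts.append(f"mapping changed: {spa} moved from {self.seen[spa]} to {sha}")
        self.seen[spa] = sha
        return alerts

# Constructed scenario: gateway 10.1.1.1, victim 10.1.1.10, attacker 10.1.1.25.
GW, VICTIM, ATTACKER = "00:11:22:33:44:01", "00:11:22:33:44:10", "de:ad:be:ef:00:25"
SCENARIO = [
    build_arp(ARP_REQUEST, VICTIM, "10.1.1.10", "00:00:00:00:00:00", "10.1.1.1"),  # who-has gateway?
    build_arp(ARP_REPLY, GW, "10.1.1.1", VICTIM, "10.1.1.10"),                     # legitimate answer
    build_arp(ARP_REPLY, ATTACKER, "10.1.1.1", VICTIM, "10.1.1.10"),               # poisoned answer
    build_arp(ARP_REQUEST, ATTACKER, "10.1.1.1", "00:00:00:00:00:00", "10.1.1.1"), # gratuitous claim
]

def run_scenario(trusted=None):
    mon = ArpMonitor(trusted)
    return [mon.observe(pkt) for pkt in SCENARIO]

if __name__ == "__main__":
    for i, alerts in enumerate(run_scenario({"10.1.1.1": GW})):
        print(i, alerts or "ok")
```

Without a trusted table the monitor can only report that the gateway's address "moved", which is ambiguous (a replaced router looks the same); with a binding table fed by DHCP snooping the contradiction is definite, which is why Dynamic ARP Inspection is built on top of snooping.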

High Level Diagram

The Cisco network virtualization solution provides an end-to-end architecture that offers secure partitioning of the physical networking infrastructure into multiple virtual networks. These virtual networks can support mergers and acquisitions, segregation of specialized agencies, guest networks, hosted network services, and other applications. [Figure: high-level diagram showing virtual networks for General Employee, Merged New Department, and Segregated Department (Compliance)] The solution covers endpoint...

Scavenger QoS

Scavenger QoS operates on the principle that if we know a typical application's behavior on a device and on the network, we can build safeguards into the network to recognize an application that is not behaving normally and push its excess traffic down to a class that is dropped first under congestion. For example, if we know that a particular port on the network has an IP phone connected to it, and we know that device normally transmits less than, say, 150 kbps of RTP traffic, and suddenly we see more than 4 Mbps of RTP traffic from that port,...
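The phone-port case above, and the spike-versus-plateau distinction from the "Second Order Traffic Anomaly" section, as one added example that is not from the book: a per-port monitor counts consecutive measurement intervals above the port's expected ceiling, tolerates a short spike, declares a second-order anomaly once the excess persists, and from then on remarks the traffic above the ceiling to DSCP CS1 (the marking normally used for the scavenger class) until the port has been back to normal for the same number of intervals. The port name, the 150 kbps ceiling and the measured rates are constructed sample values.

```python
from dataclasses import dataclass, field

DSCP_CS1 = 8   # the marking normally used for the scavenger class

@dataclass
class PortState:
    ceiling_bps: int            # what the known device on this port should never exceed
    sustain_intervals: int      # consecutive intervals above the ceiling that make a plateau
    over_count: int = 0
    under_count: int = 0
    scavenger: bool = False
    events: list = field(default_factory=list)

class AnomalyMonitor:
    def __init__(self):
        self.ports = {}

    def add_port(self, name, ceiling_bps, sustain_intervals=3):
        self.ports[name] = PortState(ceiling_bps, sustain_intervals)

    def observe(self, name, interval, rate_bps):
        """Feed one interval's measured rate. Returns 'normal', 'spike' or 'anomaly'."""
        p = self.ports[name]
        if rate_bps <= p.ceiling_bps:
            p.over_count = 0
            if p.scavenger:
                p.under_count += 1
                if p.under_count >= p.sustain_intervals:
                    p.scavenger = False
                    p.under_count = 0
                    p.events.append((interval, f"{name}: back under {p.ceiling_bps} bps, "
                                               "scavenger treatment cleared"))
            return "normal"
        p.under_count = 0
        p.over_count += 1
        if p.over_count < p.sustain_intervals:
            return "spike"              # tolerated: expected on an oversubscribed network
        if not p.scavenger:
            p.scavenger = True
            p.events.append((interval, f"{name}: {rate_bps} bps sustained over "
                                       f"{p.ceiling_bps} bps, remarking excess to CS1"))
        return "anomaly"

    def shape(self, name, rate_bps, dscp):
        """Marking applied to the port's traffic, as a list of (bps, dscp) pairs: in
        scavenger mode the part above the ceiling is remarked CS1 so it is dropped
        first under congestion; otherwise the original marking is left alone."""
        p = self.ports[name]
        if p.scavenger and rate_bps > p.ceiling_bps:
            return [(p.ceiling_bps, dscp), (rate_bps - p.ceiling_bps, DSCP_CS1)]
        return [(rate_bps, dscp)]

# Constructed measurements for a phone port: a one-interval spike at index 2,
# a plateau from index 4 to 7, then a return to normal.
SAMPLE_RATES_BPS = [120_000, 140_000, 900_000, 130_000,
                    4_000_000, 4_100_000, 4_200_000, 4_300_000,
                    120_000, 125_000, 118_000]

if __name__ == "__main__":
    m = AnomalyMonitor()
    m.add_port("Gi1/0/7", 150_000, sustain_intervals=3)
    for i, rate in enumerate(SAMPLE_RATES_BPS):
        print(i, rate, m.observe("Gi1/0/7", i, rate), m.shape("Gi1/0/7", rate, 46))
    for event in m.ports["Gi1/0/7"].events:
        print(event)
```

Remarking rather than dropping is the point of the scavenger approach: a phone that really has started sending 4 Mbps of RTP still gets its first 150 kbps treated as voice, and everything above that only loses when the link is actually congested.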

Keeping the Network Alive from Afar

Network management is the process of documenting, monitoring, troubleshooting, and configuring network devices. Network management gives visibility to the networking staff. The routers and switches in a network have the same components as a regular PC. There are a CPU (or two), memory, storage, and network interfaces. The primary difference from a PC is that network equipment is highly optimized to perform certain functions, such as passing packets quickly. The nature of today's networks is...

How Packets Are Prioritized

[Figure: grocery delivery analogy. Ice cream and frozen waffles stand for voice; non-perishables stand for routing and other overhead.] Some queuing systems always give preferential treatment to high-priority traffic. This ensures that the ice cream (time-sensitive packets) always arrives on time, but it comes at the cost of choking out the meats and vegetables (regular data) that make up the bulk of the enterprise data diet (and is critical to its survival). How Link Fragmentation...
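The starvation just described, simulated as an added example that is not from the book. A scheduler sends a fixed number of bytes per tick and always serves the priority class first. With strict priority, a voice class offering as much as the link carries takes everything and the data class never moves. With the priority class policed to a fixed share (the low-latency queueing approach), voice above its limit is discarded and data is guaranteed the remainder. The link rate, class names and offered loads are constructed values.

```python
def run_scheduler(link_bytes_per_tick, offered, ticks, priority_cap=None, max_backlog_ticks=10):
    """Simulate `ticks` rounds of a scheduler whose priority class ('voice') is
    served before everything else.

    offered:      dict class name -> bytes arriving each tick ('voice' must be present)
    priority_cap: None for strict priority (voice may take the whole link); otherwise
                  the most voice bytes sent per tick, with voice above that dropped by
                  a policer instead of queued
    Returns (sent, dropped): dicts of byte totals per class.
    """
    backlog = {cls: 0 for cls in offered}
    sent = {cls: 0 for cls in offered}
    dropped = {cls: 0 for cls in offered}
    max_backlog = max_backlog_ticks * link_bytes_per_tick    # finite queue per class
    others = [cls for cls in offered if cls != "voice"]
    for _ in range(ticks):
        # arrivals: tail-drop whatever no longer fits in the class queue
        for cls, arriving in offered.items():
            accepted = min(arriving, max_backlog - backlog[cls])
            backlog[cls] += accepted
            dropped[cls] += arriving - accepted
        budget = link_bytes_per_tick
        # priority class first, up to the cap if one is configured
        allow = budget if priority_cap is None else min(budget, priority_cap)
        take = min(backlog["voice"], allow)
        sent["voice"] += take
        backlog["voice"] -= take
        budget -= take
        if priority_cap is not None:
            # policer: priority traffic over its cap is discarded, never queued
            dropped["voice"] += backlog["voice"]
            backlog["voice"] = 0
        # whatever capacity is left goes to the other classes, in order
        for cls in others:
            take = min(backlog[cls], budget)
            sent[cls] += take
            backlog[cls] -= take
            budget -= take
    return sent, dropped

# Constructed load: voice offers exactly the link rate, data offers 60% of it.
LINK = 1000
OFFERED = {"voice": 1000, "data": 600}

def compare(ticks=100, cap=400):
    """Strict priority versus policed priority on the same offered load."""
    return {"strict": run_scheduler(LINK, OFFERED, ticks),
            "policed": run_scheduler(LINK, OFFERED, ticks, priority_cap=cap)}

if __name__ == "__main__":
    for mode, (sent, dropped) in compare().items():
        print(f"{mode:8} sent={sent} dropped={dropped}")
```

Under strict priority the data queue fills and then tail-drops every tick, so the "meats and vegetables" never ship at all. The policed variant deliberately throws away excess voice instead; that trade is what makes a priority queue safe to deploy.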

Secure Networking Over the Internet

Traditional WAN networking involved dedicated circuits running Frame Relay or leased lines. Although prices have recently decreased, the cost of these private circuits continues to be relatively high. In addition to dedicated WAN connections, corporations had to maintain large banks of dialup modems (or outsource the dial-in to a vendor) so that workers could remotely access the corporate network with modems. In both cases, the goal was to extend the corporate network to remote locations and...

Campus Design Best Practices

High availability refers to the network's ability to recover from different types of failures. High availability should be designed in at many layers. With a sound design, network stability is easily achieved, troubleshooting is made easier, and human error is reduced.
Layer 1: Redundant links and hardware provide alternative physical paths through the network.
Layers 2 and 3: Protocols such as spanning tree, HSRP, and others provide alternative path awareness and fast convergence.
Application...