A

Note that each IP datagram carries this header, which includes a source IP address and destination IP address that identify the source and destination network and host. An IP address is a hierarchical address, and it consists of two parts. The high-order, or leftmost, bits specify the network address component (network ID) of the address. The low-order, or rightmost, bits specify the host address component (host ID) of the address. Every physical or virtual LAN on the corporate internetwork is...

Aa

Figure labels: L3 192.168.3.1; L3 192.168.3.2; L3 192.168.4.1; L3 192.168.4.2.

The steps to deliver an IP packet over a routed network are similar to the steps to send a letter through a mail delivery service. The key is to know the sender's source address and the destination address of the data. There are a number of steps involved in delivering an IP packet over a routed network. The next several figures give you a graphical understanding of the process. Note from earlier discussion that an IP host determines...

About the Author

Steve McQuerry, CCIE No. 6108, is a consulting systems engineer with Cisco Systems focused on data center architecture. Steve works with enterprise customers in the midwestern United States to help them plan their data center architectures. Steve has been an active member of the internetworking community since 1991 and has held multiple certifications from Novell, Microsoft, and Cisco. Prior to joining Cisco, Steve worked as an independent contractor with Global Knowledge, where he taught and...

Accessing Remote Devices

During routine maintenance, it is often desirable to access a device from another device. Cisco IOS Software provides a set of tools for this purpose. The following sections describe methods that you can use to access remote devices. Establishing a Telnet or SSH Connection: Telnet or Secure Shell (SSH) applications are useful for connecting to remote devices. One way to obtain information about a remote network device is to connect to it using either the Telnet or SSH applications. Telnet and...

Ack

TCP, UDP, and IP and their headers are key in the communications between networks. Layer 3 devices use an internetwork protocol like TCP/IP to provide communications between remote systems. TCP performs sequencing of segments with a forward reference acknowledgment. A forward reference acknowledgment comes from the receiving device and tells the sending device which segment the receiving device is expecting to receive next. For the purpose of this lesson, the complex operation of TCP is...

Adversaries Hacker Motivations and Classes of Attack

To defend against attacks on information and information systems, organizations must define the threat in these three terms. Adversaries: Potential adversaries might include nation-states, terrorists, criminals, hackers, disgruntled employees, and corporate competitors. Hacker motivations: Hackers' motivations might include intelligence gathering, the theft of intellectual property, denial of service (DoS), the embarrassment of the company or clients, or the challenge of exploiting a notable...

Am

Table 4-12 show ip dhcp conflict Command Field Descriptions: The IP address of the host as recorded on the DHCP server. The manner in which the IP addresses of the hosts were found on the DHCP server, which can be a ping or a gratuitous ARP. The date and time when the conflict was found.

Summary Using a Cisco Router as a DHCP Server. The following list summarizes the key points that were discussed in the previous sections: DHCP is built on a...

App Data

IP: "Layer 2, send this to 192.168.4.2." Figure labels: L3 192.168.3.1, L2 0800 0222 2222; L3 192.168.3.2, L2 0800 0333 2222; L3 192.168.4.1, L2 0800 0333 1111; L3 192.168.4.2, L2 0800 0222 1111. Figure 4-33 Determine Host Is on a Different Subnet. Parking Lot. IP: "I am on 192.168.3.0/24 and the destination is on 192.168.4.0/24, so we are on different segments. I'll have to use the default gateway." ARP: "My default gateway is 192.168.3.2, but I don't have its MAC address. I'll have to ARP."...

Arp

Figure labels: L3 192.168.4.2, L2 0800 0222 1111.

The router will update its ARP table with the address of the PC and will then send a response to the ARP request, as shown in Figure 4-36. Figure 4-36 Router Responds to ARP Request. Parking Lot. Figure labels: L3 192.168.3.1, L2 0800 0222 2222; L3 192.168.3.2, L2 0800 0333 2222. Router: "I'll send an ARP reply that I am 192.168.3.2 with a MAC of 0800 0333 2222."

Arpa

Table 4-8 show ip arp Command Output Fields: Protocol for network address in the Address field. The network address that corresponds to the Hardware Address. Age in minutes of the cache entry. A hyphen (-) means that the address is local. LAN hardware address of a MAC address that corresponds to the network address. Indicates the encapsulation type that the Cisco IOS Software is using in the network address in this entry. Possible values include the...

Atm

When a Cisco device boots, CDP starts by default, and automatically discovers neighboring Cisco devices running CDP, regardless of which protocol suite is running. Figure 6-2 displays an example of how CDP exchanges information with its directly connected neighbors. You can display the results of this information exchange on a console connected to a network device configured to run CDP on its interfaces. Figure 6-2 CDP Works Between Neighbor Devices...

Balancing Network Security Requirements

The overall security challenge is to find a balance between two important needs: open networks to support evolving business requirements and freedom-of-information initiatives versus the protection of private, personal, and strategic business information. Figure 1-19 shows the relationship between expanding the business value and increasing security risks. Security has moved to the forefront of network management and implementation. The survival of many businesses depends on allowing open access...

Basecx

Gigabit Ethernet over copper cabling.

You can add devices to an Ethernet LAN to extend segments. This topic describes how adding repeaters or hubs can overcome the distance limitation in an Ethernet LAN. A repeater is a physical layer device that takes a signal from a device on the network and acts as an amplifier. Adding repeaters to a network extends the segments of the network so that data can be communicated successfully over longer distances. There are, however, limits on the number of...

Building a Simple Network

When you are building a network, the tasks and components can sometimes be overwhelming. The key to understanding how to build a computer network lies in understanding the foundations of network communications. The key to building a complex network involves gaining an understanding of the physical and logical components of a simple point-to-point network. To become proficient in networking, you must gain knowledge of why networks are built and the protocols used in modern network designs. This...

Bus Topology

The bus topology is commonly referred to as a linear bus; all of the devices on a bus topology are effectively connected by one single cable. As illustrated in Figure 1-8, in a bus topology, a cable proceeds from one computer to the next like a bus line going through a city. The main cable segment must end with a terminator that absorbs the signal when it reaches the end of the line or wire. If no terminator exists, the electrical signal representing the data bounces back at the end of the wire,...

C

If you are addressing a nonpublic intranet, these private addresses can be used instead of globally unique addresses. If you want to connect a network using private addresses to the Internet, however, it is necessary to translate the private addresses to public addresses. This translation process is referred to as Network Address Translation (NAT). A router is often the network device that performs NAT. The growth of the Internet has resulted in enormous demands for IP addresses. This section...

CHAPTER

When sites are located at different geographic locations, a WAN provides interconnections between the sites. WANs are most often charge-for-service networks, enabling you to access resources across a wide geographical area. Several types of WANs exist, including point-to-point leased lines, circuit-switched networks, and packet-switched networks. Also, many physical network devices are used in the WAN, as well as many access and encapsulation technologies such as digital subscriber line (DSL),...

Chapter Objectives

Upon completing this chapter, you will be able to create a simple point-to-point network and describe network components and functions. These abilities include meeting these objectives: Identify the benefits of computer networks and how they function. Identify common threats to a network and threat-mitigation methods. Identify and compare the Open System Interconnection (OSI) and TCP/IP layered models that control host-to-host communications. Describe IP address classification and how a host can...

Chapter Organization

This book is divided into six chapters and is designed to be read in order because many chapters build on content from previous chapters. Chapter 1, Building a Simple Network, describes the principles on which basic networks operate. This chapter helps build a foundational understanding that is used throughout the other chapters of the book. Chapter 2, Ethernet LANs, explores the operation and configuration of LANs, including the challenges associated with these networks, and describes how...

Chapter Summary

A network is a connected collection of devices that can communicate with each other. Networks in homes, small businesses, or large enterprises allow users to share resources such as data and applications (e-mail, web access, messaging, collaboration, and databases), peripherals, storage devices, and backup devices. Networks carry data (or data packets) following rules and standards called protocols, each with its own specialized function. Networks can be evaluated in terms of both performance...

Characteristics of a Network

Many characteristics are commonly used to describe and compare various network designs. When you are determining how to build a network, each of these characteristics must be considered along with the applications that will be running on the network. The key to building the best network is to achieve a balance of these characteristics. Networks can be described and compared according to network performance and structure, as follows. Speed: Speed is a measure of how fast data is transmitted over...

Classes of Attack

Passive: Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user. Examples include the disclosure of personal information such as credit card numbers and...

Common Physical Components of a Network

The physical components are the hardware devices that are interconnected to form a computer network. Depending on the size of the network, the number and size of these components varies, but most computer networks consist of the basic components shown in Figure 1-2. Figure 1-2 Common Network Components. These are the four major categories of physical components in a computer network. Personal computers (PCs): The PCs serve as endpoints in the network, sending...

Configuring Serial Encapsulation

You can use serial point-to-point connections to connect your LAN to your service provider WAN. You are likely to have serial point-to-point connections within your network, between your network and a service provider, or both. You need to know how to configure the serial ports for such connections. Circuit-switched WANs used to be the most common method of connecting remote sites. Because of the bandwidth requirements of modern applications, circuit-switching technology has been relegated to...

Constructing a Network Addressing Scheme

Subnetworks, also known as subnets, are very common in all but the smallest of network environments, segmenting the network into smaller divisions that have their own addresses. To create subnet addresses, some of the bits used for the host portion of an IP address are borrowed to create the subnet address. The following sections describe how subnets function and how they are computed. Network administrators often need to divide networks, especially large networks, into subnetworks, or subnets,...


Cpu

Most of these components are hardware, as follows. CPU: This is the processor that runs the Cisco IOS and features like route processing. RAM: This read/write memory contains the software and data structures that enable the router to function. The principal software running in RAM is the Cisco IOS Software image and the running configuration. The RAM also contains the routing tables and packet buffers. RAM is volatile; its memory contents will be lost when power is turned off. ROM: This type of...

Crc

CRC generated by the originating LAN station or far-end device does not match the checksum calculated from the data received. On a LAN, this usually indicates noise or transmission problems on the LAN interface or the LAN bus itself. A high number of CRCs is usually the result of collisions or a station transmitting bad data. Number of packets received incorrectly having a CRC error and a noninteger number of octets. On a LAN, this is usually the result of collisions or a malfunctioning...

D D

The IEEE divides the OSI data link layer into two separate sublayers. Logical link control (LLC): Transitions up to the network layer. MAC: Transitions down to the physical layer. LLC Sublayer: The IEEE created the LLC sublayer to allow part of the data link layer to function independently from existing technologies. This layer provides versatility in services to the network layer protocols that are above it, while communicating effectively with the variety of MAC and Layer 1 technologies below it....

Data

Figure labels: Layer 3 192.168.3.1, Layer 2 0800 0222 2222; Layer 3 192.168.3.2, Layer 2 0800 0222 1111.

As with the example in Chapter 1, Building a Simple Network, Address Resolution Protocol (ARP) does not have an entry in its MAC address table, so it must place the packet in the parking lot until it uses ARP to resolve the Layer 3 logical IP address to the Layer 2 physical MAC address. This is shown in Figure 2-6. Layer 2: "ARP, do you have a mapping for 192.168.3.2?" ARP: "Is...

Data Communications Process

All communications on a network originate at a source and are sent to a destination. A networking protocol using all or some of the layers listed in the OSI reference model moves data between devices. Recall that Layer 7 is the part of the protocol that communicates with the application, and Layer 1 is the part of a protocol that communicates with the media. A data frame is able to travel across a computer network because of the layers of the protocol. The process of moving data from one device...

Dce

Data Terminal Equipment: User Device with Interface Connecting to the WAN Link. Data Circuit-Terminating Equipment: End of the WAN Provider Side of the Communication Facility.

Your CPE, in this case a router, is the DTE. The data DCE, commonly a modem or a DSU/CSU, is the device that converts the user data from the DTE into a form acceptable to the WAN service provider. The synchronous serial port on the router is configured as DTE or DCE (except EIA/TIA-530, which is DTE only) depending on the...

Discovering Neighbors on the Network

Most network devices, by definition, do not work in isolation. A Cisco device frequently has other Cisco devices as neighbors on the network, and being able to obtain information about those other devices is important to assist with network design decisions, troubleshooting, and completing equipment changes. The following sections describe how to gather information about the Cisco devices in a network and use that information to create a map of the network environment. The Cisco Discovery...

Dly

Delay of the interface, in microseconds. Reliability of the interface as a fraction of 255 (255/255 is 100 percent reliability), calculated as an exponential average over 5 minutes. Load on the interface as a fraction of 255 (255/255 is completely saturated), calculated as an exponential average over 5 minutes. Encapsulation method assigned to an interface. Indicates whether keepalives are set. Type of Address Resolution Protocol (ARP) assigned. Number of hours, minutes, and seconds since the...

Dst Ip 19216831

Figure labels: Layer 3 192.168.3.1, Layer 2 0800 0222 2222; Layer 3 192.168.3.2, Layer 2 0800 0222 1111.

The data exchange continues until the application stops sending data. In the host-to-host packet delivery example, the host was able to use ARP to map a destination's MAC address to the destination's IP address. However, this option is available only if the two hosts are on the same network. If the two hosts are on different networks, the sending host must send the...

Dst

Figure labels: Layer 3 192.168.3.1, Layer 2 0800 0222 2222; Layer 3 192.168.3.2, Layer 2 0800 0222 1111.

The remaining ARP request is passed to ARP. Figure 1-69 shows this operation. Using the information in the ARP request, ARP updates its table. Figure 1-70 shows this operation. Figure 1-70 ARP Adds Sending Information to Table. ARP builds a response and passes it to Layer 2, telling Layer 2 to send the response to MAC address...

Dst Mac

Figure labels: Layer 3 192.168.3.1, Layer 2 0800 0222 2222; Layer 3 192.168.3.2, Layer 2 0800 0222 1111.

When the switch receives the frame, it needs to forward it out the proper port. However, in this example, neither the source nor the destination MAC address is in the switch's MAC address table. The switch can learn the port mapping for the source host by reading and learning the source MAC address in the frame, so the switch will add the source MAC address, and the port it learned it on, to the port mapping...

Employees

Figure labels: Find Open Networks, Use Them to Gain Free Internet Access. View Sensitive WLAN Info and Even Break into WLANs. Plug Consumer-Grade APs/Gateways into Company Ethernet Ports to Create Own WLANs.

War driving originally meant using a cellular scanning device to find cell phone numbers to exploit. War driving now also means driving around with a laptop and an 802.11b/g client card to find an 802.11b/g system to exploit. Most wireless devices sold today are WLAN-ready. End users often do not change...

Enabling Static Routing

Routing is the process of determining where to send data packets destined for addresses outside the local network. Routers gather and maintain routing information to enable the transmission and receipt of such data packets. Conceptually, routing information takes the form of entries in a routing table, with one entry for each identified route. You can statically (manually) configure the entries in the routing table, or the router can use a routing protocol to create and maintain the routing...

Exploring the Functions of Routing

Routing is the process that forwards data packets between networks or subnetworks using a Layer 3 device (a router or gateway). The routing process uses network routing tables, protocols, and algorithms to determine the most efficient path for forwarding the IP packet. Routers greatly expand the scalability of networks by terminating Layer 2 collisions and broadcast domains. Understanding how routers function will help you understand the broader topic of how networks are connected and how data is...

Exploring the Packet Delivery Process

The previous sections discussed the elements that govern host-to-host communications. You also need to understand how these elements interact. This section covers host-to-host communications by providing a graphic representation. Layer 1 defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between end systems. Some common examples are Ethernet segments and serial links like Frame Relay and T1. Repeaters...

Exploring Wireless Networking

Wireless networking technology has developed like most new technologies: business needs drive technology developments, which in turn drive new business needs, which in turn drive new technology developments. To keep this cycle from spinning out of control, several organizations have stepped forward to establish WLAN standards and certifications. This lesson describes the trends and standards that impact WLAN development. Productivity is no longer restricted to a fixed work location or a defined...

Extended Star Topology

A common deployment of an extended-star topology is in a hierarchical design such as a WAN or an Enterprise or a Campus LAN. Figure 1-10 shows the topology of an extended star. The problem with the pure extended-star topology is that if the central node point fails, large portions of the network can become isolated. For this reason, most extended-star topologies employ a redundant connection to a separate set of connection devices to prevent isolation in the event of a device failure.

Features

This book features actual router and switch output to aid in the discussion of the configuration of these devices. Many examples, illustrations, and notes are spread throughout the text. In addition, you can find many references to standards, documents, books, and websites to help you understand networking concepts. At the end of each chapter, your comprehension and knowledge are tested by review questions prepared by a certified Cisco Systems instructor. NOTE: The operating system used in this...

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community. Readers' feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through email at...

Foreword

Cisco Certification Self-Study Guides are excellent self-study resources for networking professionals to maintain and increase internetworking skills and to prepare for Cisco Career Certification exams. Cisco Career Certifications are recognized worldwide and provide valuable, measurable rewards to networking professionals and their employers. Cisco Press exam certification guides and preparation materials offer exceptional and flexible access to the knowledge and information required to stay...

Full Mesh Topology

The full-mesh topology connects all devices (or nodes) to one another for redundancy and fault tolerance. Implementing a full-mesh topology is expensive and difficult. This method is the most resistant to failures because the failure of any single link does not affect reachability in the network. Figure 1-13 shows the connections in a full-mesh topology. Figure 1-13 Full-Mesh Topology

Hdlc

Frame fields: Flag | Address | Control | Data | FCS | Flag. Frame fields: Flag | Address | Control | Proprietary | Data | FCS | Flag.

PPP originally emerged as an encapsulation protocol for transporting IP traffic over point-to-point links. PPP also established a standard for the assignment and management of IP addresses, asynchronous (start and stop bit) and bit-oriented synchronous encapsulation, network protocol multiplexing, link configuration, link quality testing, error detection, and option negotiation for such capabilities as network...

1

Suppose that a host named London sends a frame to a host named Rome. London resides on network segment A, and Rome resides on network segment B. Redundant connections between switches and hosts are provided to ensure continual operations in the case of a segment failure. For the example shown in Figure 2-24, it is assumed that none of the switches have learned host B's address.


Implementing a WLAN

Implementing a WLAN involves more than selecting the desired standard and selecting a security mechanism. Access point placement can have more effect on throughput than standards. You need to understand how the efficiency of a WLAN is affected by such issues as topology, distance, and access point location. Upon completing this lesson, you will be able to describe the factors affecting the implementation of a WLAN. Figure 3-8 shows the original standard-defined 802.11 topologies: workgroup (ad...

Info

Figure 1-31 shows how the bits in the first octet identify the address class. The router uses the first bits to identify how many bits it must match to interpret the network portion of the address (based on the standard address class). Table 1-1 lists the characteristics of Class A, B, and C addresses that address network devices. Range of network numbers 1.0.0.0 to 126.0.0.0. Range of network numbers 128.0.0.0 to 191.255.0.0. Range of network numbers 192.0.0.0 to 223.255.255.0. Number of...

Interpreting a Network Diagram

When designing and describing a computer network, you use a drawing or diagram to describe the physical components and how they are interconnected. The network diagram uses common symbols to capture information related to the network for planning, reference, and troubleshooting purposes. The amount of information and the details of that information differ from organization to organization. The network topology is commonly represented by a series of lines and icons. Figure 1-3 shows a typical...

IP Network Addressing

Just as you use addresses to identify the specific locations of homes and businesses so that mail can reach them efficiently, you use IP addresses to identify the location of specific devices on a network so that data can be sent correctly to those locations. IP addressing has various aspects, including the calculations for constructing an IP address, the classes of IP addresses designated for specific routing purposes, and public versus private IP addresses. Learning how IP addresses are...

J

Figure labels: L3 192.168.4.2, L2 0800 0222 1111.

The pending frame is sent with the local host IP address and MAC address as the source. However, the destination IP address is that of the remote host, but the destination MAC address is that of the default gateway. Figure 4-38 shows the frame being sent to the router. Layer 2: "I can send out that pending frame."

Jam Jam Jam Jam Jam

Stations on a CSMA/CD LAN can access the network at any time. Before sending data, CSMA/CD stations listen to the network to determine whether it is already in use. If it is, the CSMA/CD stations wait. If the network is not in use, the stations transmit. A collision occurs when two stations listen for network traffic, hear none, and transmit simultaneously (see the figure). In this case, both transmissions are damaged, and the stations must retransmit at some later time. CSMA/CD stations must...

L3 L2

Figure labels: L3 192.168.4.2, L2 0800 0222 1111.

The user has programmed the IP address of 192.168.3.2 as the default gateway. Host 192.168.3.1 sends out the ARP request, and it is received by the router. Figure 4-34 shows the PC sending out an ARP request. Figure 4-34 ARP Request for Router. Parking Lot. ARP: "The ARP request will say that I am 192.168.3.1. Who is 192.168.3.2?"

LAN Connections

In addition to connecting multiple devices in a network, the networks themselves can be connected. In fact, the Internet is a collection of connected networks. The concept of connected networks is a common communication infrastructure in large organizations. Connecting networks with diverse devices, architectures, and protocols requires more sophisticated components than simple local-area networks (LAN). Routers are the devices used in this more complex networking environment, and a suite of...

Layer 4 The Transport Layer

The transport layer segments data from the sending host's system and reassembles the data into a data stream on the receiving host's system. For example, business users in large corporations often transfer large files from field locations to a corporate site. Reliable delivery of the files is important, so the transport layer breaks down large files into smaller segments that are less likely to incur transmission problems. The boundary between the transport layer and the session layer can be...

Layer 5 The Session Layer

The session layer establishes, manages, and terminates sessions between two communicating hosts. It provides its services to the presentation layer. The session layer also synchronizes dialogue between the presentation layers of the two hosts and manages their data exchange. For example, web servers have many users, so many communication processes are open at a given time. Therefore, keeping track of which user communicates on which path is important. In addition to session regulation, the...

Logical Topologies

The logical topology of a network refers to the logical paths that the signals use to travel from one point on the network to another; that is, the way in which data accesses the network media and transmits packets across it. The physical and logical topologies of a network can be the same. For example, in a network physically shaped as a linear bus, the data travels along the length of the cable. Therefore, the network has both a physical bus topology and a logical bus topology. On the other...

Managing Cisco Devices

Carefully managing Cisco IOS images and configuration files reduces device downtime and maintains best practices. Cisco IOS image files contain the Cisco IOS Software required for a Cisco device to operate, and the device configuration files contain a set of user-defined configuration commands that customize the functionality of a Cisco device. The Cisco IOS File System (Cisco IFS) feature provides a single interface to all the file systems that a router uses. This topic describes the file...

Maximizing the Benefits of Switching

As devices are added to LANs to accommodate more users, and more bandwidth is required by more networked software applications, maintaining an acceptable level of network performance becomes an increasing challenge. There are a number of ways to enhance switched Ethernet LANs to meet the demands of users for performance and availability. Microsegmentation eliminates the possibility of collisions on the network segment, providing a number of benefits in increasing network performance. Figure...

Need for Network Security

In the past, hackers were highly skilled programmers who understood the intricacies of computer communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Internet. These sophisticated attack tools and generally open networks have generated an increased need for network security and dynamic security policies. The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A closed...

Network Environment Management

The network staff is responsible for ensuring that the underlying communications infrastructure is capable of supporting business objectives and associated applications. Network staff is also responsible for managing each device on the network according to best industry practices and for reducing device downtime. This chapter describes commands and processes to determine network operational status, gather information about remote devices, and manage Cisco IOS images, configuration files, and...

Network User Applications

The key to utilizing multiple resources on a data network is having applications that are aware of these communication mechanisms. Although many applications are available for users in a network environment, some applications are common to nearly all users. The most common network user applications include the following: E-mail: E-mail is a valuable application for most network users. Users can communicate information (messages and files) electronically in a timely manner, to not only other users...

NVRAM

The Cisco IFS feature provides a single interface to all the file systems that a Cisco router Network file systems TFTP, Remote Copy Protocol (RCP), and FTP (This lesson only discusses commands used to transfer Cisco IOS images and configuration files to and from a TFTP server.) Any other endpoint for reading or writing data (such as NVRAM, the running configuration in RAM, and so on) One key feature of the Cisco IFS is the use of the URL convention to specify files on Table 6-2 contains some...

OSI Reference Model

The OSI reference model is the primary model for network communications. The early development of LANs, MANs, and WANs was chaotic in many ways. The early 1980s saw tremendous increases in the number and sizes of networks. As companies realized that they could save money and gain productivity by using networking technology, they added networks and expanded existing networks as rapidly as new network technologies and products were introduced. By the mid-1980s, companies began to experience...

Partial Mesh Topology

In a partial-mesh topology, at least one device maintains multiple connections to all other devices, without having all other devices fully meshed. This method trades off the cost of meshing all devices by allowing the network designer to choose which nodes are the most critical and appropriately interconnect them. Figure 1-14 shows an example of a partial-mesh topology.

Password Attacks

A password attack usually refers to repeated attempts to identify a user account, password, or both. These repeated attempts are called brute-force attacks. Password attacks are implemented using other methods, too, including Trojan horse programs, IP spoofing, and packet sniffers. A security risk lies in the fact that passwords are stored as plaintext. You need to encrypt passwords to overcome risks. On most systems, passwords are processed through an encryption algorithm that generates a...

Physical Installations

Hardware threats involve threats of physical damage to the router or switch hardware. Mission-critical Cisco network equipment should be located in wiring closets or in computer or telecommunications rooms that meet these minimum requirements: The room must be locked with only authorized personnel allowed access. The room should not be accessible via a dropped ceiling, raised floor, window, ductwork, or point of entry other than the secured access point. If possible, use electronic access...

Physical Topologies

The physical topology of a network refers to the physical layout of the devices and cabling. You must match the appropriate physical topology to the type of cabling that will be installed. Therefore, understanding the type of cabling used is important to understanding each type of physical topology. Here are the three primary categories of physical topologies: Bus: Computers and other network devices are cabled together in a line. Ring: Computers and other network devices are cabled together with the last...

PPP

PPP frame fields: Flag, Address, Control, Protocol, Data, FCS, Flag. Developers designed PPP to make the connection for point-to-point links. PPP, described in RFCs 1661 and 1332, encapsulates network layer protocol information over point-to-point links. RFC 1661 is updated by RFC 2153, PPP Vendor Extensions. You can configure PPP on the following types of physical interfaces: High-Speed Serial Interface (HSSI). PPP uses its NCP component to encapsulate and negotiate options for multiple network layer protocols. PPP uses...

Reconnaissance Attacks

Reconnaissance is the unauthorized discovery and mapping of systems, services, or vulnerabilities. Reconnaissance is also known as information gathering and, in most cases, precedes an actual access or DoS attack. First, the malicious intruder typically conducts a ping sweep of the target network to determine which IP addresses are alive. Then the intruder determines which services or ports are active on the live IP addresses. From this information, the intruder queries the ports to determine...

References

For additional information regarding network security, refer to these resources. Much of the material in this lesson comes from readily available documents provided by many government agencies. The Information Assurance Technical Framework Forum (IATFF) is a National Security Agency (NSA)-sponsored outreach activity created to foster dialog aimed at seeking solutions for information assurance problems. The IATFF website can be found at http://www.iatf.net.

Resource Sharing Functions and Benefits

The main functions of computer networks in business today are to simplify and streamline business processes through the use of data and application sharing. Networks enable end users to share both information and hardware resources. By providing this interconnection between the users and common sets of data, businesses can make more efficient use of their resources. The major resources that are shared in a computer network include the following: Data and applications: When users are connected...

Review Questions

Use the questions here to review what you learned in this chapter. The correct answers and solutions are found in the appendix, Answers to Chapter Review Questions. 1. Which three statements about networks are accurate? (Choose three.) a. Networks transmit data in many kinds of environments, including homes, small businesses, and large enterprises. b. A main office can have hundreds or even thousands of people who depend on network access to do their jobs. c. A network is a connected collection...

S11 255255255g

NOTE When a configuration is copied into RAM from any source, the configuration merges with, or overlays, any existing configuration in RAM, rather than overwriting it. New configuration parameters are added, and changes to existing parameters overwrite the old parameters. Configuration commands that exist in RAM for which there is no corresponding command in NVRAM remain unaffected. Copying the running configuration from RAM into the startup-config file in NVRAM will overwrite the...

Single Ring Topology

In a single-ring topology, all the devices on the network share a single cable, and the data travels in one direction only. Each device waits its turn to send data over the network. The single ring, however, is susceptible to a single failure, stopping the entire ring from functioning. Figure 1-11 shows the traffic flow in a single-ring topology. Figure 1-11 Traffic Flow in a Single-Ring Topology

Star Topology

When installed, the star topology resembles spokes in a bicycle wheel. It is made up of a central connection point that is a device, such as a hub, switch, or router, where all the cabling segments actually meet. Each device on the network is connected to the central device with its own cable. Although a physical star topology costs more to implement than the physical bus topology, the advantages of a physical star topology make it worth the additional cost. Each device is connected to the...

Starting a Cisco Router

A Cisco router goes through its startup when it is first turned on and there is no configuration saved. When the startup is completed, you can enter the initial software configuration. Recognizing correct router startup is the first step in installing a Cisco router. The router must start successfully and have a valid configuration to operate on the network. This lesson describes how the router starts up and explains how to verify its initial operation. The startup of a Cisco router requires...

Summary of Exploring the Functions of Networking

The key purpose of this section was to get a basic understanding of the key components in a computer network and how the network is used by business. The main points are as follows: A network is a connected collection of computing devices that communicate with each other to carry data in homes, small businesses, and enterprise environments. You have four major categories of physical components in a computer network: the computer, interconnections, switches, and routers. The major resources that are...

Summary of Securing the Network

Security is an important part of any computer network. When you are building a network, a strong security policy should be part of the foundation. The following items represent a summary of considerations for building a strong security policy: Sophisticated attack tools and open networks continue to generate an increased need for network security policies and infrastructure to protect organizations from internally and externally based attacks. Organizations must balance network security needs...

T

Acknowledgments, 79-80 flow control, 78 global synchronization, 83 header format, 69-72 port numbers, 72-73 segmentation, 78 session multiplexing, 77 three-way handshake, 74-75, 77 windowing, 78-81 comparing to OSI reference model, 41-42 Internet layer, 43 transport layer, 63-69 TCP, 74-75, 77-83 TCP UDP header format, 69-72 TCP UDP port numbers, 72-73 TDM (time-division multiplexing), 358 Telnet accessing Catalyst switches, 178 configuring, 307 host access closing, 326 configuring, 323...

The Impact of User Applications on the Network

The key to user applications is that they enable users to be connected to one another through the various types of software. As a business begins to rely on these applications as part of the day-to-day business process, the network that the applications operate in becomes a critical part of the business. A special relationship exists between these applications and the network. The applications can affect network performance, and network performance can affect applications. Therefore, you need...

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. Associate Publisher Cisco Representative Cisco Press Program Manager Executive Editor Managing Editor Development Editor Copy Editor Technical Editors Kevin Kent and Written Elegance,...

Troubleshooting Switch Issues

Most issues that affect the switched network are encountered during the original implementation. Theoretically, after it is installed, a network will continue to operate without issues. However, that is only true in theory. Things change: cabling gets damaged, configurations change, and new devices are connected to the switch that require switch configuration changes. Ongoing maintenance is a fact of life. Switches operate at multiple layers of the Open Systems Interconnection (OSI) model. At...

Understanding Binary Numbering

All computers function using a system of switches that can be in one of two positions, on or off. This is called a binary system, with off being represented by the digit 0 and on being represented by the digit 1. A binary number will include only the digits 0 and 1. Network device addresses also use this binary system to define their location on the network. The IP address is based on a dotted decimal notation of a binary number. You must have a basic understanding of the mathematical...

Understanding Ethernet

A LAN is a common type of network found in home offices, small businesses, and large enterprises. Understanding how a LAN functions, including network components, frames, Ethernet addresses, and operational characteristics, is important for an overall knowledge of networking technologies. This lesson describes LANs and provides fundamental knowledge about LAN characteristics, components, and functions. It also describes the basic operations of an Ethernet LAN and how frames are transmitted over...

Understanding TCP/IP's Internet Layer

Among the protocols included in the TCP/IP protocol stack are a network layer protocol and a transport layer protocol. The internetworking layer handles the routing of packets of data by using IP addresses to identify each device on the network. Each computer, router, printer, or any other device attached to a network has its own unique IP address that routes packets of data. Each IP address has a specific structure, and various classes of IP addresses exist. In addition, subnetworks and subnet...

Understanding TCP/IP's Transport and Application Layers

When computers communicate with one another, certain rules, or protocols, are required to allow them to transmit and receive data in an orderly fashion. Throughout the world, the most widely adopted protocol suite is TCP/IP. Understanding how TCP/IP functions is important for a larger understanding of how data is transmitted in network environments. The way in which IP delivers a packet of data across a network is a fundamental concept in the TCP/IP architecture used in large networks....

Understanding the Challenges of Shared LANs

LANs are a relatively low-cost means of sharing expensive resources. LANs allow multiple users and devices in a relatively small geographic area to exchange files and messages and to access shared resources such as those provided by file servers. LANs have rapidly evolved into support systems that are critical to communications within an organization. The following sections describe the challenges that shared LANs face as they confront the increasing need for bandwidth and speed to satisfy the...

Understanding the Host-to-Host Communications Model

The Open Systems Interconnection (OSI) reference model was created to help define how network processes function in general, including the various components of networks and transmission of data. Understanding the structure and purpose of the OSI model is central to understanding how one host communicates with another. This section introduces the OSI model and describes each of its layers. Remember that this is a reference model to provide a framework for building protocols and to help people...

Understanding WAN Technologies

As an enterprise grows beyond a single location, it becomes necessary to interconnect LANs in various locations to form a WAN. Several technologies are involved in the functioning of WANs, including hardware devices and software functions. This lesson describes the functions and characteristics of WANs and contrasts them with LANs. The lesson also explores how WANs relate to the Open Systems Interconnection (OSI) reference model in their design and function, which major hardware components are...

Understanding WLAN Security

As discussed previously, the most tangible benefit of wireless is cost reduction. In addition to increasing productivity, WLANs increase work quality. However, a security breach resulting from a single unsecured access point can negate hours spent securing the corporate network and even ruin an organization. You must understand the security risks of WLANs and how to reduce those risks. After completing this section, you will be able to describe WLAN security issues and the features available to...

Using a Cisco Router as a DHCP Server

Originally, network administrators had to manually configure the host address, default gateway, and other network parameters on each host. However, DHCP provides configuration parameters to IP hosts. DHCP consists of these two components: A protocol for delivering host-specific configuration parameters from a DHCP server to a host. A mechanism for allocating network addresses to hosts. DHCP is built on a client-server model. The DHCP server hosts allocate network addresses and deliver...

Warning and Disclaimer

This book is designed to provide information about Interconnecting Cisco Network Devices, Part 1 (ICND1). Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information is provided on an "as is" basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the...

What Is a Network

The first task in understanding how to build a computer network is defining what a network is and understanding how it is used to help a business meet its objectives. A network is a connected collection of devices and end systems, such as computers and servers, that can communicate with each other. Networks carry data in many types of environments, including homes, small businesses, and large enterprises. In a large enterprise, a number of locations might need to communicate with each other,...

Wxyz

Data link layer, 354-355 physical layer, 350-351, 353 cable connectivity, 360-361 cell-switched, ATM, 392-393 DSL, 358-360 Internet connection, enabling, 356 history of, 361-362 NAT, 363-364 367-368 inside source address translation, 366-367 need for, 348 packet-switched, 357 DHCP client, configuring, 368-372 point-to-point communication links, 383 bandwidth, 383-385 HDLC, 386 PPP, 387-390 serial encapsulation, configuring, 380, 382 versus LANs, 348 war driving, 216 WEP, 215 Wi-Fi Alliance, 211...

X

All forms of DSL services are categorized as asymmetric or symmetric, but several varieties of each type exist. ADSL includes the following forms: Consumer DSL (CDSL), also called G.Lite or G.992.2; Very-high-data-rate DSL (VDSL). SDSL includes the following forms: Symmetric high-bit-rate DSL (G.shdsl). DSL service can be added incrementally in any area. A service provider can upgrade bandwidth to coincide with a growth in numbers of subscribers. DSL is also backward compatible with analog voice and...