Posts

Showing posts from July, 2020

IPv6 Subnet Masks

Assigning IPv6 addresses
- The Internet Assigned Numbers Authority (IANA) provides address blocks to the RIRs (Regional Internet Registries)
- RIRs assign smaller blocks to ISPs (Internet Service Providers)
- The ISP assigns a /48 subnet to the customer
  - A /48 leaves 16 bits of subnet ID in front of the 64-bit interface ID, so the customer can carve it into 65,536 /64 subnets

Classful Subnetting and IPv4 Subnet Masks

Classful subnetting
- A very specific subnetting architecture
- Not used since 1993 (superseded by CIDR), but still referenced in casual conversation
- Used as a starting point when subnetting: standard values
The construction of a subnet
- Network address: the first IP address of a subnet; set all host bits to 0 (0 decimal in a whole host octet)
- First usable host address: one number higher than the network address
- Network broadcast address: the last IP address of a subnet; set all host bits to 1 (255 decimal in a whole host octet)
- Last usable host address: one number lower than the broadcast address

IPv4 Addresses

Networking with IPv4
- IP address, e.g., 192.168.1.165
  - Every device needs a unique IP address
- Subnet mask, e.g., 255.255.255.0
  - Used by the local device to determine what subnet it's on
  - The subnet mask isn't (usually) transmitted across the network
  - You'll ask for the subnet mask all the time: "What's the subnet mask of this network?"
- Default gateway, e.g., 192.168.1.1
  - The router that allows you to communicate outside of your local subnet
  - The default gateway must be an IP address on the local subnet
Special IPv4 addresses
- Loopback address
  - An address to yourself: 127.0.0.1 through 127.255.255.254 (the 127.0.0.0/8 block)
  - An easy way to self-reference (ping 127.0.0.1)
- Reserved addresses
  - Set aside for future use or testing
  - 240.0.0.0 through 255.255.255.254 (the 240.0.0.0/4 block); 255.255.255.255 is the limited broadcast address
- Virtual IP addresses (VIP)
  - Not associated with a physical network adapter
  - Virtual machine, internal router address

Binary Math


Software Defined Networking

SDN (Software Defined Networking)
- Networking devices have two functional planes of operation: the control plane and the data plane
- Directly programmable: configuration (the control plane) is separated from forwarding (the data plane)
- Agile: changes can be made dynamically
- Centrally managed: a global view, a single pane of glass
- Programmatically configured: orchestration, with no human intervention
- Open standards / vendor neutral: a standard interface to the network
Distributed switching
- Remove the physical segmentation
- A virtual network distributed across all physical platforms
- When a VM moves, the network doesn't change; servers will always connect to the right VLAN

Circuit Switching and Packet Switching

Circuit switching
- A circuit is established between the endpoints before data passes, like a phone call
- Nobody else can use the circuit when it's idle: an inefficient use of resources
- The connection is always there (it's mine, you can't use it)
- Capacity is guaranteed (you'd better use it, you paid for it)
- POTS (plain old telephone service) and the PSTN (public switched telephone network)
- T1/E1/T3/E3 create a circuit between two sites
- ISDN uses a phone number to call another ISDN modem
Packet switching
- Data is grouped into packets; voice, data, video, etc. share the link, like a network
- The media is usually shared: someone else can use it, even when you don't
- One connection may have more bandwidth allocated than another (how much money would you like to spend?)
- SONET, ATM, DSL, frame relay, MPLS, cable modem, satellite, wireless

Access Control Lists

Packet filtering
- Used to allow or deny traffic; also used for NAT, QoS, etc.
- Defined on the ingress or egress of an interface (incoming or outgoing)
- ACLs can evaluate on certain criteria: source IP, destination IP, TCP port numbers, UDP port numbers, ICMP
- Deny or permit: what happens when an ACL matches the traffic?
- ACLs have evolved through the years, with more options and features available for traffic filtering
Firewall rules
- Access control lists (ACLs) allow or disallow traffic based on tuples, groupings of categories: source IP, destination IP, port number, time of day, application, etc.
- A logical path, usually evaluated top-to-bottom, and the first matching rule wins
- Rules can be very general or very specific; specific rules are usually at the top, because a general rule placed above them would match first and the specific rule would never be reached
- Implicit deny: most firewalls include a deny at the bottom, even if you didn't put one
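
The evaluation order described above (top-to-bottom, first match wins, implicit deny at the end) is easy to get wrong when a general rule is placed above a more specific one. The following is an added example, not code from the original post: a small tuple-based ACL evaluator plus a shadowing check that flags rules an earlier rule makes unreachable. The rule set, the server address 192.0.2.10 and the guest VLAN 10.1.1.0/24 are constructed for the example; `ipaddress.IPv4Network.subnet_of` needs Python 3.7 or later.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                 # "permit" or "deny"
    proto: str                  # "tcp", "udp", "icmp" or "any"
    src: str                    # source network in CIDR notation
    dst: str                    # destination network in CIDR notation
    dport: Optional[int] = None  # destination port; None matches any port


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None


def _net(cidr: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network(cidr, strict=False)


def matches(rule: Rule, pkt: Packet) -> bool:
    """Every element of the rule's tuple must match the packet."""
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if ipaddress.ip_address(pkt.src) not in _net(rule.src):
        return False
    if ipaddress.ip_address(pkt.dst) not in _net(rule.dst):
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    return True


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Top-to-bottom, first match wins; falls through to the implicit deny (index None)."""
    for index, rule in enumerate(acl):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", None


def covers(general: Rule, specific: Rule) -> bool:
    """True when every packet that could match `specific` also matches `general`."""
    if general.proto != "any" and general.proto != specific.proto:
        return False
    if not _net(specific.src).subnet_of(_net(general.src)):
        return False
    if not _net(specific.dst).subnet_of(_net(general.dst)):
        return False
    if general.dport is not None and general.dport != specific.dport:
        return False
    return True


def shadowed_rules(acl: List[Rule]) -> List[int]:
    """Indexes of rules that can never match because an earlier rule covers them."""
    return [j for j in range(len(acl)) if any(covers(acl[i], acl[j]) for i in range(j))]


# Constructed sample: a server at 192.0.2.10, guest VLAN 10.1.1.0/24 must not reach SSH.
GOOD_ACL = [
    Rule("permit", "tcp", "10.0.0.0/8", "192.0.2.10/32", 443),
    Rule("deny", "tcp", "10.1.1.0/24", "192.0.2.10/32", 22),   # specific deny first
    Rule("permit", "tcp", "10.0.0.0/8", "192.0.2.10/32", 22),  # general permit after it
    Rule("permit", "icmp", "10.0.0.0/8", "192.0.2.0/24"),
]

# Same rules with the general permit above the specific deny: the deny is dead code.
BAD_ACL = [GOOD_ACL[0], GOOD_ACL[2], GOOD_ACL[1], GOOD_ACL[3]]
```

Running `shadowed_rules` over an ACL before deploying it is the cheap check that catches the ordering mistake; the guest-VLAN SSH packet is denied at rule 1 of GOOD_ACL but permitted at rule 1 of BAD_ACL.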

Network Address Translation

NAT (Network Address Translation)
- It is estimated that there are over 20 billion devices connected to the Internet (and growing)
- IPv4 supports around 4.29 billion addresses
- The address space for IPv4 is exhausted: there are no available addresses to assign
- How does it all work? Network Address Translation
- This isn't the only use of NAT; NAT is handy in many situations
Port forwarding
- 24x7 access to a service hosted internally: web server, gaming server, security system, etc.
- An external IP/port number maps to an internal IP/port; it does not have to be the same port number
- Also called Destination NAT or Static NAT: the destination address is translated from a public IP to a private IP
- Does not expire or time out (unlike the dynamic translations created for outbound connections)
RFC 1918 private IPv4 addresses
- 10.0.0.0 through 10.255.255.255 (10.0.0.0/8)
- 172.16.0.0 through 172.31.255.255 (172.16.0.0/12)
- 192.168.0.0 through 192.168.255.255 (192.168.0.0/16)
- Not routable on the public Internet; NAT translates them to a public address at the edge
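
The two behaviours described above, dynamic outbound translation that times out versus a static port forward that never does, are what a NAT translation table looks like in practice. The following is an added example and not code from the original post: a minimal source NAT with port translation for outbound flows plus static port forwards, using a constructed public address 203.0.113.7, an RFC 1918 inside network, and an idle timeout in seconds passed in as a plain counter so the example runs offline.

```python
import ipaddress
from dataclasses import dataclass, replace
from typing import Optional

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


@dataclass(frozen=True)
class Pkt:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class Nat:
    """Source NAT with port translation for outbound flows, plus static port forwards.

    Constructed model: one public IP, dynamic entries keyed by the inside
    (proto, ip, port), a configurable idle timeout, and forwards that never expire."""

    def __init__(self, public_ip: str, idle_timeout: int = 300, first_port: int = 1024):
        self.public_ip = public_ip
        self.idle_timeout = idle_timeout
        self.next_port = first_port
        self.forwards = {}   # (proto, ext_port) -> (int_ip, int_port); static, never expires
        self.outbound = {}   # (proto, int_ip, int_port) -> ext_port
        self.inbound = {}    # (proto, ext_port) -> (int_ip, int_port, last_seen)

    def add_port_forward(self, proto: str, ext_port: int, int_ip: str, int_port: int) -> None:
        if not is_rfc1918(int_ip):
            raise ValueError(f"{int_ip} is not an RFC 1918 address")
        self.forwards[(proto, ext_port)] = (int_ip, int_port)

    def _alloc_port(self, proto: str) -> int:
        # never hand out a port that a static forward or a live translation already uses
        while (proto, self.next_port) in self.forwards or (proto, self.next_port) in self.inbound:
            self.next_port += 1
        port = self.next_port
        self.next_port += 1
        return port

    def _expire(self, key) -> None:
        int_ip, int_port, _ = self.inbound.pop(key)
        self.outbound.pop((key[0], int_ip, int_port), None)

    def translate_outbound(self, pkt: Pkt, now: int) -> Pkt:
        """Inside -> outside: rewrite the source to the public IP and a translated port."""
        key = (pkt.proto, pkt.src, pkt.sport)
        ext_port = self.outbound.get(key)
        if ext_port is None:
            ext_port = self._alloc_port(pkt.proto)
            self.outbound[key] = ext_port
        self.inbound[(pkt.proto, ext_port)] = (pkt.src, pkt.sport, now)
        return replace(pkt, src=self.public_ip, sport=ext_port)

    def translate_inbound(self, pkt: Pkt, now: int) -> Optional[Pkt]:
        """Outside -> inside: static forward first, then translation state, otherwise drop (None)."""
        key = (pkt.proto, pkt.dport)
        if key in self.forwards:
            int_ip, int_port = self.forwards[key]
            return replace(pkt, dst=int_ip, dport=int_port)
        entry = self.inbound.get(key)
        if entry is None:
            return None  # unsolicited: no state, no forward, dropped
        int_ip, int_port, last_seen = entry
        if now - last_seen > self.idle_timeout:
            self._expire(key)
            return None
        self.inbound[key] = (int_ip, int_port, now)
        return replace(pkt, dst=int_ip, dport=int_port)
```

The security-relevant detail is in `translate_inbound`: an unsolicited packet to a port with no translation state is dropped, a reply to an idle flow is dropped once the timeout passes, but a static forward answers forever, so every forwarded service is permanently exposed and needs its own hardening.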

Prioritizing Traffic

Managing network traffic
- Many different devices: desktop, laptop, VoIP phone, mobile devices
- Many different applications: mission critical applications, streaming video, streaming audio
- Different apps have different network requirements: voice is real-time, recorded streaming video has a buffer, a database application is interactive
- Some applications are "more important" than others: voice traffic needs to have priority over YouTube
Packet shaping
- Packet shaping, traffic shaping
- Control by bandwidth usage or data rates
- Set important applications to have higher priorities than other apps
QoS (Quality of Service)
- Prioritize traffic performance: Voice over IP traffic has priority over web browsing
- Prioritize by maximum bandwidth, traffic rate, VLAN, etc.
- Quality of Service describes the process of controlling traffic flows: many different methods across many different topologies
Managing QoS
- CoS (Class of Service): OSI layer 2, carried in the Ethernet frame header on an 802.1Q trunk
- Usually applied in th...

Configuring IPv6

Dual-stack routing
- Dual-stack IPv4 and IPv6: run both at the same time; interfaces will be assigned multiple address types
- IPv4: configured with IPv4 addresses, maintains an IPv4 routing table, uses IPv4 dynamic routing protocols
- IPv6: configured with IPv6 addresses, maintains a separate IPv6 routing table, uses IPv6 dynamic routing protocols
Tunneling IPv6
- 6to4 addressing: send IPv6 over an existing IPv4 network
  - Creates an IPv6 prefix based on the IPv4 address
  - Requires relay routers
  - IP protocol 41, a transition technology
  - No support for NAT
- 4in6: tunnel IPv4 traffic on an IPv6 network
- Teredo/Miredo: tunnel IPv6 through NATed IPv4
  - End-to-end IPv6 through an IPv4 network; no special IPv6 router needed
  - Temporary use: we'll have IPv6 native networks soon (?)
  - Miredo: open-source Teredo for Linux, BSD Unix, and Mac OS X, with full functionality
NDP (Neighbor Discovery Protocol)
- No broadcasts! Operates using multicast over ICMPv6
- Neighbor MAC discovery replaces IPv4 ARP
- SLAAC (Stateless Address Auto Confi...
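
Three of the address formats named above (the 6to4 prefix derived from an IPv4 address, the Teredo address, and the SLAAC interface identifier) are deterministic constructions, which matters because an analyst or attacker can run them backwards. The following is an added example and not code from the original post. It builds a 6to4 /48 from a site's IPv4 address (RFC 3056), recovers the server, client public IPv4 and client port embedded in a Teredo address (RFC 4380, 2001:0::/32), and derives and reverses the modified EUI-64 interface ID that SLAAC forms from a MAC when privacy extensions are not in use. The MAC 00:14:22:01:23:45 and all addresses are constructed for the example.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def mac_to_eui64(mac: str) -> bytes:
    """Modified EUI-64: insert ff:fe in the middle and flip the universal/local bit."""
    b = bytearray(int(x, 16) for x in mac.split(":"))
    if len(b) != 6:
        raise ValueError(f"bad MAC {mac!r}")
    b[0] ^= 0x02
    return bytes(b[:3] + b"\xff\xfe" + b[3:])


def slaac_address(prefix: str, mac: str) -> str:
    """Address SLAAC would form from a /64 router advertisement and the adapter's MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC needs a /64 prefix")
    iid = int.from_bytes(mac_to_eui64(mac), "big")
    return str(ipaddress.IPv6Address(int(net.network_address) | iid))


def mac_from_eui64(address: str):
    """Recover the MAC from an EUI-64 shaped address, or None if the IID is not EUI-64.
    This is the tracking problem that RFC 4941 privacy addresses exist to avoid."""
    iid = ipaddress.IPv6Address(address).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    b = bytearray(iid[:3] + iid[5:])
    b[0] ^= 0x02
    return ":".join(f"{x:02x}" for x in b)


def sixtofour_prefix(ipv4: str) -> str:
    """6to4 (RFC 3056): 2002:<32-bit IPv4>::/48, so the prefix names the site's public IPv4."""
    a = ipaddress.IPv4Address(ipv4)
    if any(a in net for net in RFC1918):
        raise ValueError("6to4 needs a public IPv4 address; it does not work behind NAT")
    prefix_int = (0x2002 << 112) | (int(a) << 80)
    return str(ipaddress.IPv6Network((prefix_int, 48)))


def parse_teredo(address: str):
    """Teredo (RFC 4380): 2001:0:<server IPv4>:<flags>:<port ^ 0xffff>:<client IPv4 ^ 0xffffffff>.
    The client's public NAT address and port are in the address in (lightly obfuscated) clear."""
    packed = ipaddress.IPv6Address(address).packed
    if packed[:4] != b"\x20\x01\x00\x00":
        return None
    server = str(ipaddress.IPv4Address(packed[4:8]))
    flags = int.from_bytes(packed[8:10], "big")
    port = int.from_bytes(packed[10:12], "big") ^ 0xFFFF
    client = str(ipaddress.IPv4Address(int.from_bytes(packed[12:16], "big") ^ 0xFFFFFFFF))
    return {"server": server, "cone_nat": bool(flags & 0x8000), "client_port": port, "client_ip": client}
```

On a dual-stack network these derivations are worth running over your own address inventory: an EUI-64 address leaks the adapter's hardware identity across every network the host visits, and a Teredo address reveals the public IPv4 and NAT port of a host that may otherwise be invisible from outside.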

IPv4 and IPv6 Addressing

The IP address of a device
- IP address, e.g., 192.168.1.165: every device needs a unique IP address
- Subnet mask, e.g., 255.255.255.0
  - Used by the local workstation to determine what subnet it's on
  - The subnet mask isn't (usually) transmitted across the network
  - You'll ask for the subnet mask all the time: "What's the subnet mask of this network?"
The secret behind the IP address
- The IP address isn't really a single address: it is a combination of a network ID and a host ID
- The subnet mask determines what part of the IP address is the network and which part is the host
- The subnet mask is just as important as your address!
- The best way to see this work is in binary; this is the (very easy) math part
IPv4 addresses
- Internet Protocol version 4, an OSI layer 3 address
- Since one byte is 8 bits, the maximum decimal value for each byte is 255
IPv6 addresses
- Internet Protocol version 6, a 128-bit address
- 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses ...

Dynamic Routing Protocols

Dynamic routing protocols
- Listen for subnet information from other routers: sent from router to router
- Provide subnet information to other routers: tell other routers what you know
- Determine the best path based on the gathered information; every routing protocol has its own way of doing this
- When network changes occur, update the available routes; a different convergence process for every dynamic routing protocol
Which routing protocol to use?
- What exactly is a route? Is it based on the state of the link? Is it based on how far away it is?
- How does the protocol determine the best path? Some formula is applied to the criteria to create a metric, and the routes are ranked from best to worst
- Recover after a change to the network: convergence time can vary widely between routing protocols
- Standard or proprietary protocol? OSPF and RIP are standards; some functions of EIGRP are Cisco proprietary
Distance-vector routing protocols
- Information passed between routers contains routing tables
- How many "hops a...
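
The convergence behaviour described above is easiest to see by simulating it. The following is an added example and not code from the original post: a hop-count distance-vector exchange in the style of RIP (whole tables sent to neighbors, Bellman-Ford update, 16 hops meaning unreachable), run in synchronous rounds until no table changes. It also shows the classic failure mode after a link goes down, where two routers count each other up to infinity unless split horizon (don't advertise a route back out the interface it was learned on) is enabled. The topology, router names and the synchronous-round model are constructed for the example; real RIP timers are asynchronous.

```python
from typing import Dict, Optional, Tuple

INFINITY = 16  # RIP treats a hop count of 16 as unreachable


class Router:
    def __init__(self, name: str):
        self.name = name
        self.neighbors = set()
        self.table: Dict[str, Tuple[int, Optional[str]]] = {name: (0, None)}  # dest -> (hops, next hop)

    def advertise(self) -> dict:
        """What a distance-vector router sends: its whole routing table."""
        return dict(self.table)

    def learn(self, sender: str, advert: dict) -> bool:
        """Bellman-Ford update: a route via the sender costs the sender's cost + 1."""
        changed = False
        for dest, (cost, _) in advert.items():
            new_cost = min(cost + 1, INFINITY)
            current = self.table.get(dest)
            if current is None:
                if new_cost >= INFINITY:
                    continue
                candidate = (new_cost, sender)
            elif current[1] == sender:
                # our route already goes through the sender: take whatever it now says,
                # better or worse (this is how a withdrawn route propagates)
                candidate = (new_cost, sender if new_cost < INFINITY else None)
            elif new_cost < current[0]:
                candidate = (new_cost, sender)
            else:
                continue
            if candidate != current:
                self.table[dest] = candidate
                changed = True
        return changed


class Network:
    def __init__(self, links):
        self.routers: Dict[str, Router] = {}
        for a, b in links:
            self.add_link(a, b)

    def add_link(self, a: str, b: str) -> None:
        for x, y in ((a, b), (b, a)):
            r = self.routers.setdefault(x, Router(x))
            r.neighbors.add(y)
            r.table[y] = (1, y)  # directly connected: one hop

    def remove_link(self, a: str, b: str) -> None:
        for x, y in ((a, b), (b, a)):
            r = self.routers[x]
            r.neighbors.discard(y)
            for dest, (_, nh) in list(r.table.items()):
                if nh == y:
                    r.table[dest] = (INFINITY, None)

    def exchange_round(self, split_horizon: bool) -> bool:
        """One synchronous round: everyone sends a snapshot, then everyone updates."""
        adverts = {name: r.advertise() for name, r in self.routers.items()}
        changed = False
        for name in sorted(self.routers):
            r = self.routers[name]
            for nb in sorted(r.neighbors):
                advert = adverts[nb]
                if split_horizon:
                    advert = {d: v for d, v in advert.items() if v[1] != name}
                changed |= r.learn(nb, advert)
        return changed

    def converge(self, split_horizon: bool = False, max_rounds: int = 100) -> Optional[int]:
        """Run rounds until a round changes nothing; returns how many rounds carried changes."""
        for n in range(1, max_rounds + 1):
            if not self.exchange_round(split_horizon):
                return n - 1
        return None

    def route(self, src: str, dest: str) -> Tuple[int, Optional[str]]:
        return self.routers[src].table[dest]
```

Two things the simulation makes concrete: convergence time grows with the diameter of the network (a four-router chain needs two rounds for the end routers to learn each other), and without split horizon a single failed link turns into a dozen rounds of bogus, steadily worsening routes before every router finally agrees the destination is gone.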

IGP and EGP

AS (Autonomous System)
- Autonomous: existing as an independent entity
- A group of IP routes under common control
- RFC 1930, Section 3, Definitions: "An AS is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy."
- An important point of reference for discussing Interior Gateway Protocols and Exterior Gateway Protocols
IGP (Interior Gateway Protocol)
- Used within a single autonomous system (AS)
- Not intended to route between ASes; that's why there are Exterior Gateway Protocols (EGPs)
- IPv4 dynamic routing: OSPFv2 (Open Shortest Path First), RIPv2 (Routing Information Protocol version 2), EIGRP (Enhanced Interior Gateway Routing Protocol)
- IPv6 dynamic routing: OSPFv3, EIGRP for IPv6, RIPng (RIP next generation)
EGP (Exterior Gateway Protocol)
- Used to route between autonomous systems
- Leverages the IGP inside the AS to handle local routing
- BGP (Border Gateway Protocol): the EGP that organizations and ISPs use to exchange routes between autonomous systems on the Internet

Static and Dynamic Routing

Routing
- Send IP packets across the network; forwarding decisions are based on the destination IP address
- Each router only knows the next step: the packet asks for directions at every hop along the way
- The list of directions is held in a routing table
- Different topologies use different data link protocols (Ethernet, HDLC, etc.); each router rewrites the frame to add its own data-link header, and the IP packet remains intact
Static routing
- Administratively defined routes: you're in control
- Advantages
  - Easy to configure and manage on smaller networks
  - No overhead from routing protocols (CPU, memory, bandwidth)
  - Easy to configure on stub networks (only one way out)
  - More secure: no routing protocol traffic for an attacker to analyze
- Disadvantages
  - Difficult to administer on larger networks
  - No automatic method to prevent routing loops
  - If there's a network change, you have to manually update the routes
  - No automatic rerouting if an outage occurs
Dynamic routing
- Routers send routes to other routers
- Routing tables are ...
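
The "each router only knows the next step" model and the static-routing disadvantage "no automatic method to prevent routing loops" fit together in a few lines of code. The following is an added example and not code from the original post: each router does a longest-prefix-match lookup in its own static table and hands the packet to the next hop, and the only thing that stops a packet bouncing between two misconfigured default routes is the IP TTL. Router names R1 to R4 and the prefixes are constructed for the example; R2's default route pointing back at R1 is the deliberate misconfiguration.

```python
import ipaddress
from typing import Dict, List, Optional, Tuple


class StaticRouter:
    def __init__(self, name: str, routes: List[Tuple[str, Optional[str]]]):
        """routes: (prefix, next hop router name), with next hop None for directly connected."""
        self.name = name
        self.routes = [(ipaddress.ip_network(p), nh) for p, nh in routes]

    def lookup(self, dst: str):
        """Longest prefix match: the most specific route wins; 0.0.0.0/0 is the fallback."""
        addr = ipaddress.ip_address(dst)
        best = None
        for net, nh in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, nh)
        return best


def forward(routers: Dict[str, StaticRouter], start: str, dst: str, ttl: int = 64):
    """Hop by hop: each router consults only its own table for the next step.
    Returns (status, path) where status is delivered, no_route or ttl_exceeded."""
    path = [start]
    current = start
    while True:
        route = routers[current].lookup(dst)
        if route is None:
            return "no_route", path
        _, next_hop = route
        if next_hop is None:
            return "delivered", path       # directly connected: hand off to the LAN
        ttl -= 1
        if ttl == 0:
            return "ttl_exceeded", path    # a loop; static routes give you no other protection
        path.append(next_hop)
        current = next_hop


# Constructed topology. R2's default route back to R1 creates a loop for any
# destination neither router has a specific route for.
TOPOLOGY = {
    "R1": StaticRouter("R1", [("10.1.0.0/24", None), ("0.0.0.0/0", "R2")]),
    "R2": StaticRouter("R2", [
        ("10.2.0.0/24", None),
        ("10.1.0.0/24", "R1"),
        ("10.3.0.0/16", "R3"),     # the whole /16 goes to R3 ...
        ("10.3.9.0/24", "R4"),     # ... except this more specific /24, which goes to R4
        ("0.0.0.0/0", "R1"),
    ]),
    "R3": StaticRouter("R3", [("10.3.0.0/16", None), ("0.0.0.0/0", "R2")]),
    "R4": StaticRouter("R4", [("10.3.9.0/24", None), ("0.0.0.0/0", "R2")]),
}
```

The /16 versus /24 pair on R2 is the longest-prefix-match case worth remembering when reading a real table: a more specific static route silently overrides the broader one, which is also how a rogue or mistaken /24 can hijack traffic out of a /16.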

Switch Interface Properties

Basic interface configuration
- Speed and duplex: speed 10/100/1000, duplex half/full; automatic or manual, and it needs to match on both sides
- IP address management: layer 3 interfaces, VLAN interfaces, management interfaces (IP address, subnet mask/CIDR block, default gateway, DNS (optional))
VLANs
- VLAN assignment: each device port should be assigned a VLAN
- Trunking: connecting switches together, multiple VLANs in a single link
- Tagged and untagged VLAN: a non-tagged frame is on the default VLAN, also called the native VLAN
- Trunk ports tag outgoing frames and remove the tag on incoming frames
DMZ (demilitarized zone)
- An additional layer of security between the Internet and you
Powering devices
- Power provided on an Ethernet cable: one wire for both network and electricity
- Phones, cameras, wireless access points
- Power provided at the switch: built-in power (endspans) or an in-line power injector (midspans)
- Power modes: Mode A, power on the data pairs; Mode B, power on the spare pairs
- PoE and PoE+: PoE ...

Spanning Tree Protocol

Loop protection
- Connect two switches to each other and they'll send traffic back and forth forever; there's no "counting" mechanism (no TTL) at the MAC layer
- This is an easy way to bring down a network, and somewhat difficult to troubleshoot
- Relatively easy to resolve: IEEE standard 802.1D (1990) prevents loops in bridged (switched) networks
Switch operation
- Forwarding decisions are made by MAC address; the switch keeps a big table of MAC addresses that have been seen, and all forwarding decisions are filtered through this list
- If the destination MAC is unknown, the frame is flooded: sent to every switch port in the local subnet/VLAN, hoping the destination station will respond
- Flooding is hopefully a temporary process; directed traffic resumes once the MAC is seen
STP port states
- Blocking: not forwarding, to prevent a loop
- Listening: not forwarding and cleaning the MAC table
- Learning: not forwarding and adding to the MAC table
- Forwarding: data passes through and is fully operational
- Disabled: admini...

Network Segmentation

LANs (Local Area Networks)
- A group of devices in the same broadcast domain
Virtual LANs (Virtual Local Area Networks)
- A group of devices in the same broadcast domain, separated logically instead of physically
802.1Q trunking
- Take a normal Ethernet frame (data/payload = 46 to 1500 bytes) and add a 4-byte VLAN header in the frame, between the source MAC and the EtherType
- VLAN IDs are 12 bits long: 4094 usable VLANs
  - "Normal range": 1 through 1005; "extended range": 1006 through 4094
  - 0 and 4095 are reserved VLAN numbers
- Before 802.1Q, there was ISL (Inter-Switch Link); ISL is no longer used, everyone now uses the 802.1Q standard
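
The 4-byte 802.1Q header described above is also where the layer 2 CoS priority from the Prioritizing Traffic post lives, so one frame builder and parser covers both. The following is an added example and not code from the original post: it assembles a tagged or untagged Ethernet frame (TPID 0x8100, then a 16-bit TCI of 3 bits PCP, 1 bit DEI and a 12-bit VLAN ID), parses it back, enforces the reserved IDs 0 and 4095 when tagging, and classifies an ID as normal or extended range. MAC addresses and payloads in the test are constructed.

```python
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes,
                vlan: int = None, pcp: int = 0, dei: int = 0) -> bytes:
    """Ethernet II frame, optionally with an 802.1Q tag inserted after the source MAC."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 bytes")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")  # pad short payloads as the NIC would
    header = mac_bytes(dst) + mac_bytes(src)
    if vlan is not None:
        if not 1 <= vlan <= 4094:
            raise ValueError("VLAN IDs 0 and 4095 are reserved")
        if not 0 <= pcp <= 7:
            raise ValueError("PCP (CoS) is a 3-bit field")
        tci = (pcp << 13) | ((dei & 1) << 12) | vlan
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes) -> dict:
    """Untagged frames report vlan None: on a trunk they belong to the native VLAN.
    A parsed VLAN ID of 0 is a priority-tagged frame (PCP only, no VLAN membership)."""
    info = {"dst": mac_str(frame[:6]), "src": mac_str(frame[6:12]),
            "vlan": None, "pcp": None, "dei": None}
    (etype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if etype == TPID_8021Q:
        (tci,) = struct.unpack("!H", frame[14:16])
        info["pcp"] = tci >> 13
        info["dei"] = (tci >> 12) & 1
        info["vlan"] = tci & 0x0FFF
        (etype,) = struct.unpack("!H", frame[16:18])
        offset = 18
    info["ethertype"] = etype
    info["payload"] = frame[offset:]
    return info


def vlan_range(vid: int) -> str:
    if vid in (0, 4095):
        return "reserved"
    return "normal" if vid <= 1005 else "extended"
```

Two practical consequences fall out of the byte layout: a tagged frame is 4 bytes longer, so a maximum-size tagged frame is 1522 bytes on the wire and links that only accept 1518 will drop it, and the tag is nothing more than four bytes any host can write, which is why untrusted access ports should never be left as trunks or allowed to send tagged frames.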

Protocol Data Units

PDU (Protocol Data Unit)
- A unit of transmission; a different group of data at different OSI layers
- Ethernet operates on a frame of data; it has no idea what's inside
- IP operates on a packet of data; inside is a TCP segment or a UDP datagram
- TCP or UDP PDU: TCP segment, UDP datagram
Maximum Transmission Unit (MTU)
- The maximum IP packet to transmit without fragmenting
- Fragmentation slows things down: losing a fragment loses the entire packet, and it requires overhead along the path
- Difficult to know the MTU all the way through the path; automated methods (path MTU discovery) are often inaccurate, especially when ICMP is filtered
Troubleshooting MTU
- MTU sizes are usually configured once, based on the network infrastructure, and don't change often
- A significant concern for tunneled traffic: the tunnel's MTU may be smaller than your local Ethernet segment
- What if you send packets with Don't Fragment (DF) set? Routers will respond back (ICMP "fragmentation needed") and tell you to fragment; hope you get the ICMP message!
- Troubleshoot using ping: ping with DF...
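
The fragmentation, DF and "hope you get the ICMP message" behaviour above can be modelled directly. The following is an added example and not code from the original post: it fragments a payload for a given MTU (every fragment but the last a multiple of 8 bytes, offsets in 8-byte units), shows that a receiver cannot reassemble once any one fragment is lost, and simulates path MTU discovery with DF set along a constructed path, including the black hole you get when the router that drops the packet cannot get its ICMP back to the sender. The 24-byte tunnel overhead is the constant for a plain GRE-over-IPv4 header and is a parameter, not a measurement.

```python
IP_HEADER = 20   # IPv4 header without options
FRAG_UNIT = 8    # fragment offsets are counted in 8-byte units


class FragmentationNeeded(Exception):
    """Stand-in for ICMP type 3 code 4 ("fragmentation needed and DF set"); carries the next-hop MTU."""

    def __init__(self, next_hop_mtu: int):
        super().__init__(f"fragmentation needed, next-hop MTU {next_hop_mtu}")
        self.next_hop_mtu = next_hop_mtu


def fragment(payload_len: int, mtu: int, df: bool = False):
    """Split an IP payload for a link MTU; returns (offset in 8-byte units, length, more fragments) per fragment."""
    if payload_len + IP_HEADER <= mtu:
        return [(0, payload_len, False)]
    if df:
        raise FragmentationNeeded(mtu)
    chunk = ((mtu - IP_HEADER) // FRAG_UNIT) * FRAG_UNIT  # all but the last fragment must be a multiple of 8
    if chunk <= 0:
        raise ValueError(f"MTU {mtu} cannot carry any payload")
    frags, offset = [], 0
    while offset < payload_len:
        length = min(chunk, payload_len - offset)
        more = offset + length < payload_len
        frags.append((offset // FRAG_UNIT, length, more))
        offset += length
    return frags


def reassembly_complete(frags) -> bool:
    """The receiver delivers the packet only once every fragment is present: one lost fragment loses it all."""
    expected = 0
    for off_units, length, more in sorted(frags):
        if off_units * FRAG_UNIT != expected:
            return False
        expected += length
        if not more:
            return True
    return False


def send_with_df(path_mtus, total_len: int, icmp_filtered: bool = False):
    """Walk a DF packet hop by hop. Returns ("delivered", None), ("frag_needed", next_hop_mtu),
    or ("black_hole", None) when the dropping router's ICMP never reaches us."""
    for mtu in path_mtus:
        if total_len > mtu:
            return ("black_hole", None) if icmp_filtered else ("frag_needed", mtu)
    return ("delivered", None)


def discover_path_mtu(path_mtus, local_mtu: int, icmp_filtered: bool = False, max_rounds: int = 16):
    """Path MTU discovery: shrink to each advertised next-hop MTU until a probe gets through; None = black hole."""
    size = local_mtu
    for _ in range(max_rounds):
        status, mtu = send_with_df(path_mtus, size, icmp_filtered)
        if status == "delivered":
            return size
        if status == "black_hole":
            return None
        size = mtu
    return None


GRE_OVERHEAD = IP_HEADER + 4  # outer IPv4 header plus a basic 4-byte GRE header


def tunnel_mtu(link_mtu: int, overhead: int = GRE_OVERHEAD) -> int:
    """What fits inside a tunnel carried over a link of link_mtu (1500 - 24 = 1476 for plain GRE)."""
    return link_mtu - overhead
```

The `icmp_filtered` branch is the case that makes "ping with DF set" a useful troubleshooting step: a firewall that drops all ICMP also drops the fragmentation-needed messages, large packets vanish, and small ones keep working, which looks like an application problem rather than an MTU one.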

Unicasts, Multicasts, and Broadcasts

Unicast
- One station sending information to another station; send information between two systems
- Web surfing, file transfers
- Does not scale optimally for streaming media
Multicast
- Delivery of information to interested systems: one to many
- Multimedia delivery, stock exchanges
- Very specialized; difficult to scale across large networks
Broadcast
- Send information to everyone at once: one packet, received by everyone
- Limited scope: the broadcast domain
- Routing updates, ARP requests
- Not used in IPv6, which focuses on multicast

Broadcast Domains and Collision Domains

Collision domains
- Separated by switch/bridge interfaces
- A historical footnote: it's difficult to find a collision these days
- The word "collision" is misleading; the network was one big segment, everyone heard everyone else's signals, one big conference call
- Only one station can "talk" at a time: is the line clear? OK, I can talk. Carrier Sense Multiple Access (CSMA)
- When two people spoke at the same time, there was a collision: Collision Detection (CD), send the jam signal
Broadcast domains
- Separated by router interfaces
- Spread the word! Everyone must know! ARP probes, operating system notifications
- How far can a broadcast go? Passed by a switch/bridge, stops at the router
- This can be important: more devices, more broadcasts

Network Switching Overview

The switch
- Forward or drop frames based on the destination MAC address
- Gather a constantly updating list of MAC addresses, built from the source MAC address of incoming traffic
- Maintain a loop-free environment using Spanning Tree Protocol (STP)
Learning the MACs
- Switches examine incoming traffic and make a note of the source MAC address
- Unknown MAC addresses are added to the MAC address table, with the output interface set to the interface the frame was received on
Flooding for unknown MACs
- The switch doesn't always have a MAC address in the table
- When in doubt, send the frame to everyone (every port except the one it arrived on)
Address Resolution Protocol
- Determine a MAC address based on an IP address; you need the hardware address to communicate
- arp -a views the local ARP table
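
The learn-from-source, forward-by-destination, flood-when-unknown loop described above is a few lines of state machine, and writing it out shows the behaviours the Spanning Tree post relies on (flooding going out every port but the ingress one) and the one that makes MAC spoofing work (the table simply follows the most recent source). The following is an added example and not code from the original post; port numbers and MAC addresses in the test are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac[:2], 16) & 1 == 1


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC -> port it was last seen on

    def receive(self, in_port, src_mac: str, dst_mac: str):
        """Process one frame and return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        src, dst = src_mac.lower(), dst_mac.lower()
        # learning: the source lives on the ingress port; a later frame from another
        # port (a moved station, or a spoofer) overwrites the entry with no questions asked
        self.mac_table[src] = in_port
        if dst == BROADCAST or is_group_address(dst) or dst not in self.mac_table:
            # flood: everyone except the port the frame arrived on
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst]
        if out_port == in_port:
            return []  # destination is on the same segment as the sender: filter it
        return [out_port]

    def port_of(self, mac: str):
        return self.mac_table.get(mac.lower())
```

Because the table is overwritten by whoever sent last, a host that forges frames with another station's source MAC pulls that station's traffic to its own port until the real station transmits again; port security features that lock a MAC to a port exist to stop exactly this.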

Introduction To Ethernet

The MAC address (MAC = Media Access Control)
- Ethernet MAC address: the "physical" address of a network adapter, unique to a device
- 48 bits / 6 bytes long, displayed in hexadecimal
Duplex
- Half-duplex: a device cannot send and receive simultaneously (e.g., a walkie-talkie)
  - All LAN hubs are half-duplex devices
  - Switch interfaces can be configured as half-duplex, but usually only when connecting to another half-duplex device
- Full-duplex: data can be sent and received at the same time (e.g., a telephone call)
  - A properly configured switch interface will be set to full-duplex
CSMA/CD
- CS, Carrier Sense: is there a carrier? Is anyone communicating?
- MA, Multiple Access: more than one device on the network
- CD, Collision Detect: a collision is two stations talking at once; identify when data gets garbled
- Half-duplex Ethernet, not used any longer
CSMA/CD operation
- Listen for an opening: don't transmit if the network is already busy
- Send a frame of data: you send data whenever you can
- There...

Understanding the OSI Model

OSI (Open Systems Interconnection) Reference Model
- It's a guide (thus the term "model"); don't get wrapped up in the details
- This is not the OSI protocol suite; most of the OSI protocols didn't catch on
- There are unique protocols at every layer
- You'll refer to this model for the rest of your career
Layer 1, the Physical layer
- The physics of the network: signaling, cabling, connectors
- This layer isn't about protocols
- "You have a physical layer problem": fix your cabling, punch-downs, etc.; run loopback tests, test/replace cables, swap adapter cards
Layer 2, the Data Link layer
- The basic network "language"; the foundation of communication at the data link layer
- Data Link Control (DLC) protocols; the MAC (Media Access Control) address on Ethernet
- The "switching" layer
Layer 3, the Network layer
- The "routing" layer: Internet Protocol (IP)
- Fragments packets to traverse networks with different MTUs
- What is IP fragmentation? Fragments are always in multiples o...

Introduction to IP

TCP and UDP
- Transported inside IP; two ways to move data from place to place (TCP and UDP)
- OSI layer 4 (the transport layer)
- Multiplexing: use many different applications at the same time (port numbers identify each conversation)
TCP (Transmission Control Protocol)
- TCP is connection-oriented. It establishes a logical end-to-end connection between the two communicating hosts. Control information, called a handshake, is exchanged between the two endpoints to establish a dialogue before data is transmitted. (source: O'Reilly)
- A formal connection setup and close
- "Reliable" delivery: recovery from errors; can manage out-of-order messages or retransmissions
- Flow control: the receiver can manage how much data is sent
UDP (User Datagram Protocol)
- Connectionless. Refers to network protocols in which a host can send a message without establishing a connection with the recipient. That is, the host simply puts the message onto the network with the destination address and h...