Date post: 19-Oct-2020

c01.indd 03/26/2015 Page 1

Chapter 1 Domain 1.0 Network Architecture

COMPTIA NETWORK+ EXAM OBJECTIVES COVERED IN THIS CHAPTER:

✓ 1.1 Explain the functions and applications of various network devices

■ Router

■ Switch

■ Multilayer switch

■ Firewall

■ HIDS

■ IDS/IPS

■ Access point (wireless/wired)

■ Content filter

■ Load balancer

■ Hub

■ Analog modem

■ Packet shaper

■ VPN concentrator

✓ 1.2 Compare and contrast the use of networking services and applications

■ VPN

■ Site to site/host to site/host to host

■ Protocols

■ IPsec

■ GRE


■ SSL VPN

■ PTP/PPTP

■ TACACS/RADIUS

■ RAS

■ Web services

■ Unified voice services

■ Network controllers

✓ 1.3 Install and configure the following network services and applications

■ DHCP

■ Static vs. dynamic IP addressing

■ Reservations

■ Scopes

■ Leases

■ Options (DNS, servers, suffixes)

■ IP helper/DHCP relay

■ DNS

■ DNS servers

■ DNS records (A, MX, AAAA, CNAME, PTR)

■ Dynamic DNS

■ Proxy/reverse proxy

■ NAT

■ PAT

■ SNAT

■ DNAT

■ Port forwarding

✓ 1.4 Explain the characteristics and benefits of various WAN technologies

■ Fiber

■ SONET


■ DWDM

■ CWDM

■ Frame Relay

■ Satellite

■ Broadband cable

■ DSL/ADSL

■ ISDN

■ ATM

■ PPP/Multilink PPP

■ MPLS

■ GSM/CDMA

■ LTE/4G

■ HSPA+

■ 3G

■ Edge

■ Dialup

■ WiMAX

■ Metro‐Ethernet

■ Leased lines

■ T‐1

■ T‐3

■ E‐1

■ E‐3

■ OC3

■ OC12

■ Circuit switch vs. packet switch

✓ 1.5 Install and properly terminate various cable types and connectors using appropriate tools

■ Copper connectors

■ RJ‐11


■ RJ‐45

■ RJ‐48C

■ DB‐9/RS‐232

■ DB‐25

■ UTP coupler

■ BNC coupler

■ BNC

■ F‐connector

■ 110 block

■ 66 block

■ Copper cables

■ Shielded vs. unshielded

■ CAT3, CAT5, CAT5e, CAT6, CAT6a

■ PVC vs. plenum

■ RG‐59

■ RG‐6

■ Straight‐through vs. crossover vs. rollover

■ Fiber connectors

■ ST

■ SC

■ LC

■ MTRJ

■ FC

■ Fiber coupler

■ Fiber cables

■ Single mode

■ Multimode

■ APC vs. UPC

■ Media converters

■ Single mode fiber to Ethernet


■ Multimode fiber to Ethernet

■ Fiber to coaxial

■ Single mode to multimode fiber

■ Tools

■ Cable crimpers

■ Punch down tool

■ Wire strippers

■ Snips

■ OTDR

■ Cable certifier

✓ 1.6 Differentiate between common network topologies

■ Mesh

■ Partial

■ Full

■ Bus

■ Ring

■ Star

■ Hybrid

■ Point‐to‐point

■ Point‐to‐multipoint

■ Client‐server

■ Peer‐to‐peer

✓ 1.7 Differentiate between network infrastructure implementations

■ WAN

■ MAN

■ LAN

■ WLAN

■ Hotspot

■ PAN

■ Bluetooth


■ IR

■ NFC

■ SCADA/ICS

■ ICS server

■ DCS/closed network

■ Remote terminal unit

■ Programmable logical controller

■ Medianets

■ VTC

■ ISDN

■ IP/SIP

✓ 1.8 Given a scenario, implement and configure the appropriate addressing schema

■ IPv6

■ Auto‐configuration

■ EUI‐64

■ DHCP6

■ Link local

■ Address structure

■ Address compression

■ Tunneling 6to4, 4to6

■ Teredo, miredo

■ IPv4

■ Address structure

■ Subnetting

■ APIPA

■ Classful A, B, C, D

■ Classless

■ Private vs. public

■ NAT/PAT


■ MAC addressing

■ Multicast

■ Unicast

■ Broadcast

■ Broadcast domains vs. collision domains

✓ 1.9 Explain the basics of routing concepts and protocols

■ Loopback interface

■ Routing loops

■ Routing tables

■ Static vs. dynamic routes

■ Default route

■ Distance vector routing protocols

■ RIP v2

■ Hybrid routing protocols

■ BGP

■ Link state routing protocols

■ OSPF

■ IS‐IS

■ Interior vs. exterior gateway routing protocols

■ Autonomous system numbers

■ Route redistribution

■ High availability

■ VRRP

■ Virtual IP

■ HSRP

■ Route aggregation

■ Routing metrics

■ Hop counts

■ MTU, bandwidth

■ Costs


■ Latency

■ Administrative distance

■ SPB

✓ 1.10 Identify the basic elements of unified communication technologies

■ VoIP

■ Video

■ Real time services

■ Presence

■ Multicast vs. unicast

■ QoS

■ DSCP

■ COS

■ Devices

■ UC servers

■ UC devices

■ UC gateways

✓ 1.11 Compare and contrast technologies that support cloud and virtualization

■ Virtualization

■ Virtual switches

■ Virtual routers

■ Virtual firewall

■ Virtual vs. physical NICs

■ Software defined networking

■ Storage area network

■ ISCSI

■ Jumbo frame

■ Fibre channel

■ Network attached storage


■ Cloud concepts

■ Public IaaS, SaaS, PaaS

■ Private IaaS, SaaS, PaaS

■ Hybrid IaaS, SaaS, PaaS

■ Community IaaS, SaaS, PaaS

✓ 1.12 Given a set of requirements, implement a basic network

■ List of requirements

■ Device types/requirements

■ Environment limitations

■ Equipment limitations

■ Compatibility requirements

■ Wired/wireless considerations

■ Security considerations


A few years ago, I wrote, “Computer communication in today’s world is amazing, isn’t it? We seem to be able to connect to each other from wherever we happen to be at that time. Networks seem to ‘stitch’ themselves together almost magically with no effort on anybody’s part! At least, that’s what ‘seems’ to happen.” Well, at that time, I had no idea how much would change about networking in just the next few years!

One of the main aspects of networking that changed is its architecture. The word architecture is defined in Webster’s dictionary as “the style, design, or framework of a structure.” This definition was first applied to buildings, but it most certainly applies today to our networking structure as well. In fact, the style, design, and construction of your network will be determined by your goals and will define what you can accomplish with your network.

In this first chapter, I will discuss the basic building blocks of your network architecture, such as routers, switches, firewalls, and so on. Then I will compare and contrast various networking services from which you have to choose, such as VPNs, web services, unified voice services, and many others. I will also discuss the installation and configuration of essential network services such as DHCP, DNS, and NAT. In addition, I will cover network technologies that are specifically for wide area networks, such as SONET, satellite, ADSL, and many more. I will also identify the various connectors that you can use to stitch your network together, such as RJ‐45s, UTP couplers, F‐connectors, and many others. I will then discuss the various network topologies or shapes that you can create using your building blocks and connectors.

Once you understand the building blocks, you will then be able to create a network. However, in order to make that network function, you will also need to understand the addressing protocols that allow computers to communicate with each other through the network. Therefore, I will also cover concepts of common addressing schemas such as IPv4 and IPv6. In addition, I will explain how to use routing protocols so the network components can function together well and deliver network traffic through your network architecture. Of course, we can’t leave out the newest and most sophisticated technologies, so I will also cover unified communications systems, cloud and virtualization concepts, and storage area network concepts.

Finally, based on a defined list of requirements, limitations, and considerations, we will build a network together. Well, at least on paper. Are you ready to get started?

 

For more detailed information on Domain 1’s topics, please see CompTIA Network+ Study Guide (Lammle, 2014).


1.1 Explain the Functions and Applications of Various Network Devices

The building blocks of your network architecture consist of various devices that perform a specific function or group of functions for your network. It’s important that you understand the purpose of each device so that you can place it in the right position in your network architecture. In this section, I will cover the function and correct application of each of the most common network devices.

Router

Routers are the devices that connect the Internet and make the World Wide Web possible. They also divide and then rejoin your network. They use a higher level of intelligence than that of switches. Routers use logical addresses and work at Layer 3 (Network) of the OSI model (which I will discuss further in Chapter 5), and they forward traffic from one network (or subnet) to another. Routers first determine whether the traffic belongs on their network; then they deliver it to the appropriate network hosts while forwarding the traffic that does not belong on their network to another router. Routers determine where to forward traffic by consulting a routing table. An administrator can configure the routing table manually, or the router can learn it by using routing protocols. Figure 1.1 shows a common router.

FIGURE 1.1 A router
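The routing-table consultation described above can be modelled in a few lines. The following Python is an added example written for this page, not code from the book or from any router vendor: it performs a longest-prefix match over a constructed table (the prefixes, next hops and interface names are made up) and returns the router's decision, which is to deliver on a directly connected network, forward to a next-hop router, or drop the packet when no route, not even a default route, covers the destination.

```python
import ipaddress

# Constructed routing table for the example (not from the book):
# (destination prefix, next-hop router or None if directly connected, egress interface)
ROUTES = [
    ("10.0.0.0/8",     "10.255.255.1", "eth0"),
    ("10.1.0.0/16",    "10.1.255.1",   "eth1"),
    ("192.168.1.0/24", None,           "eth2"),   # the router's own LAN
    ("0.0.0.0/0",      "203.0.113.1",  "eth3"),   # default route toward the ISP
]


def build_table(routes):
    """Parse the prefixes and order them longest-prefix-first so the first hit wins."""
    table = [(ipaddress.ip_network(prefix), nh, ifc) for prefix, nh, ifc in routes]
    table.sort(key=lambda entry: entry[0].prefixlen, reverse=True)
    return table


def lookup(table, destination):
    """Return the most specific matching route, or None if no route covers the address."""
    addr = ipaddress.ip_address(destination)
    for net, next_hop, iface in table:
        if addr in net:
            return str(net), next_hop, iface
    return None


def forwarding_decision(table, destination):
    """Mirror the router's two questions: is this my network, and if not, where does it go?"""
    route = lookup(table, destination)
    if route is None:
        return "drop: no route"          # happens only when no default route is configured
    prefix, next_hop, iface = route
    if next_hop is None:
        return f"deliver locally on {iface} ({prefix})"
    return f"forward to {next_hop} via {iface} ({prefix})"


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("10.1.2.3", "10.2.0.1", "192.168.1.50", "8.8.8.8"):
        print(dst, "->", forwarding_decision(table, dst))
```

Note that 10.1.2.3 matches both 10.0.0.0/8 and 10.1.0.0/16; sorting by prefix length is what makes the more specific /16 win, which is the same rule a real router applies.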

Switch

A switch is a network device that optimizes traffic flow on your network. A switch works at Layer 2 (Data‐Link); it learns the physical address (MAC address) of all the devices that are connected to it and then uses the MAC address to control traffic flow. Some switches, called multilayer switches, also work at Layer 3, but here I am focusing on switches that work only at Layer 2. Rather than forwarding all data to all the connected ports, a switch can forward data only to the port where the computer with the destination address actually exists.

This process automatically segments the network and dramatically decreases the traffic in the segments that are less used. Because of this, switches are often used to connect departments of a company so that communication between two or more departments does not affect other departments that are not involved in the communication. Also, large files can be transferred within the same department without affecting the traffic flow in any of the other departments. Switches can also be used to create virtual local area networks (VLANs) that improve the flexibility of a network design. I will discuss VLANs later in this chapter. Figure 1.2 shows a common switch.
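The learn-then-forward behaviour described in the two paragraphs above is easy to model. The following Python class is an added example for this page, not code from the book or from any switch vendor: it records the port each source MAC address arrives on and forwards a frame to a single port once the destination is known, while broadcast frames and frames for not-yet-learned destinations are flooded to every other port. The MAC addresses and port numbers in the scenario are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Layer 2 switch model: learn source MACs per port, forward known destinations
    to one port, flood unknown or broadcast destinations to every other port."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}          # MAC address -> port it was last seen on

    def handle_frame(self, in_port, src_mac, dst_mac):
        """Return the sorted list of ports the frame is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Learning: the source address is now known to live behind in_port
        self.mac_table[src_mac] = in_port
        # Flooding: broadcast, or a destination the switch has not learned yet
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return sorted(self.ports - {in_port})
        out_port = self.mac_table[dst_mac]
        # Filtering: source and destination share a port, so the frame has
        # already reached its destination and is not repeated anywhere
        if out_port == in_port:
            return []
        return [out_port]


def simulate():
    """Constructed scenario: hosts A and B on ports 1 and 3 of a four-port switch."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b = "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"
    first = sw.handle_frame(1, a, b)    # B unknown -> flooded to ports 2, 3, 4
    reply = sw.handle_frame(3, b, a)    # A was learned on port 1 -> sent only there
    second = sw.handle_frame(1, a, b)   # B is now learned on port 3 -> sent only there
    return first, reply, second


if __name__ == "__main__":
    print(simulate())
```

The first frame behaves exactly like a hub (every other port sees it); only the reply lets the switch segment the conversation onto ports 1 and 3, which is the traffic reduction the text describes.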

FIGURE 1.2 A common switch

Multilayer Switch

Whereas a basic switch works solely at Layer 2 (Data‐Link) of the OSI model, a multilayer switch can work at both Layer 2 and Layer 3. Multilayer switches (also called Layer 3 switches) are essentially switches with a router module installed in them. They are especially useful in networks with VLANs because you can create the VLANs and decide how the VLANs will be routed—all within the same switch. Multilayer switches can be connected to other multilayer switches and to basic switches to extend VLANs through an organization. I will discuss VLANs in greater depth later in Chapter 2.

Firewall

A firewall is a hardware or software system that is used to separate one computer or network from another one. The most common type of firewall is used to protect a computer or an entire network from unauthorized access from the Internet. Firewalls can also be used to control the flow of data to and from multiple networks within the same organization. Additionally, firewalls can be programmed to filter data packets based on the information that is contained in the packets. In the following section, I will discuss the different types of firewalls that you might use on your network and their configuration.

IDS and IPS

An intrusion detection system (IDS) is much more than a firewall. In effect, an IDS is an intelligent monitor of network traffic that “understands” what normal traffic is supposed to look like and what it is supposed to do and can therefore identify abnormal traffic as a threat. “How does it know?” you may ask. Well, either it’s configured with the latest attack signatures from its vendor (much like antivirus software) or it simply “watches” your network for a while to learn what normal traffic looks like. Of course, the best system is a combination of the two. In addition, an IDS can be configured to alert the network administrator when it detects a threat. In fact, the only action that a true IDS takes in response to a threat is to alert the administrator with an email message or network message if configured properly. Often an IDS just logs the threat so the network administrator can address it later.

An intrusion prevention system (IPS) is very similar to an IDS but can take more action in response to a threat than an IDS. An IPS can address an identified threat by resetting a connection or even closing a port. Of course, the IPS can also be configured to alert the administrator of the threat and the action that was taken. In practice, the main difference between an IPS and an IDS is one of software configuration.

HIDS

A host‐based intrusion detection system (HIDS) in your network works like a moat does around a medieval castle. It’s specifically for the protection of that one device and doesn’t really help any of the other devices at all. It can be used along with IDS/IPS and firewalls to provide another layer of final protection from anything that gets through the prior layers. It is typically just a software program that analyzes network traffic and permits or denies it to the device based on a set of configuration instructions from the administrator. Based on this configuration, it can determine normal traffic and traffic that might harm your system and take the appropriate action.

Access Point (Wireless/Wired)

An access point typically consists of a wireless switch with a router module. Most access points are both wired as well as wireless. They can receive signals from laptops and other wireless devices and direct them to connected computers or even to the Internet. I will discuss the use of wireless access points in much greater detail in Chapter 2.

Content Filter

A content filter is a specialized device that can be configured to allow some types of traffic to flow through it while stopping the flow of other types of traffic. This type of content filtering is essential to organizations so that security and productivity can be maintained simultaneously. The biggest difference between the different types of content filters is the level of content they filter. For example, a Layer 7 (Application layer) content filter can be configured to be much more selective than a Layer 3 (Network layer) filter. In fact, Layer 7 content filters can be configured to disallow access to websites that contain data or graphics that are deemed unacceptable by management standards. If a user tries to access a site that contains unacceptable graphics or data, the site will be disallowed not because of an IP address or hostname, or even port address, but because of the nature of the material on the site. This gives you much more granular control over users.
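The Layer 3 versus Layer 7 distinction above, and the packet-based filtering mentioned under Firewall, are easiest to see with two websites hosted on one IP address. The following Python model is an added example, not code from the book or any product: it applies a first-match address/port rule set the way a basic packet-filtering firewall does, then a category-based Layer 7 policy. The addresses, hostnames and the `category` label, which stands in for whatever a real content classifier would assign, are all constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class WebRequest:
    src_ip: str
    dst_ip: str
    dst_port: int
    host: str        # HTTP Host header: Layer 7 information
    path: str
    category: str    # label a hypothetical content classifier assigned to the page


# Layer 3/4 rules: (action, destination IP or None for any, destination port or None for any).
# Evaluated top to bottom, first match wins; the last rule is the explicit default deny.
L3_RULES = [
    ("allow", None, 80),
    ("allow", None, 443),
    ("deny", None, None),
]

# Layer 7 policy: content categories management has decided to block (constructed).
BLOCKED_CATEGORIES = {"gambling", "malware-distribution"}


def layer3_filter(req, rules=L3_RULES):
    """Sees only addresses and ports, so it cannot tell two sites on one IP apart."""
    for action, ip, port in rules:
        if (ip is None or ip == req.dst_ip) and (port is None or port == req.dst_port):
            return action
    return "deny"


def layer7_filter(req, blocked=BLOCKED_CATEGORIES):
    """Decides on the nature of the content rather than on where it lives."""
    return "deny" if req.category in blocked else "allow"


def combined_decision(req):
    """Both layers must allow the request; the cheaper Layer 3 check runs first."""
    if layer3_filter(req) == "deny":
        return "deny (layer 3)"
    if layer7_filter(req) == "deny":
        return "deny (layer 7)"
    return "allow"


# Constructed requests: two virtual hosts share the same server IP and port.
SHARED_IP = "198.51.100.20"
NEWS = WebRequest("10.0.0.5", SHARED_IP, 443, "news.example", "/", "news")
GAMBLING = WebRequest("10.0.0.5", SHARED_IP, 443, "bets.example", "/", "gambling")

if __name__ == "__main__":
    for req in (NEWS, GAMBLING):
        print(req.host, "L3:", layer3_filter(req), "combined:", combined_decision(req))
```

Blocking the gambling site at Layer 3 would require denying 198.51.100.20, which takes the news site down with it; the Layer 7 policy denies only the request whose content is objectionable, which is the granular control the text refers to.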


Load Balancer

In today’s networks, the resources that are essential for a user are often stored off the user’s computer, sometimes in multiple locations for the same resource. When this is done, the user can gain access to the resources by going to a specific logical location, and the network devices can quickly decide how to obtain the user data and from which physical location to obtain the resource. This all occurs completely unbeknownst to the user. The device that makes all this magic happen is a load balancer.

Actually, a load balancer is as much a network role as it is a network appliance. Many devices can be configured to provide a load‐balancing function. Servers can be configured with multiple NICs and clustered together, routers can be configured with multiple associated interfaces or subinterfaces, and switches can be configured to direct traffic and to change the physical location on each request. This is sometimes referred to as round robin since the physical connection just keeps going round and round. These types of load‐balancing techniques can dramatically improve the speed of the network for the user.

Hub

A hub is a device that has multiple ports into which connections can be made. All devices connected to a hub are also connected to each other. A hub does not filter any communication or provide any intelligence in regard to the data stream; it simply lets all the information flow through it and connects anything and everything that is connected to it. Hubs are now considered legacy and are rarely used in today’s modern networks. Figure 1.3 shows a legacy hub.

FIGURE 1.3 A four‐port active hub

Analog Modem

An analog modem is a device that translates digital communication coming from a computer or device to analog communication that can be sent over normal telephone lines, as if it were the computer’s voice. In this newer age of networking, analog modems are now considered obsolete, but we all remember the irritating screeching noises that they used to make! You might still find an analog modem in the role of a backup management communication line for a device, but even that is very unlikely today.


Packet Shaper

A packet shaper is typically a hardware device that can examine traffic at a granular level. It first analyzes the traffic flowing through it and categorizes all traffic with minimal assistance from a network administrator. It can determine the needs of each type of traffic in regard to latency and bandwidth requirements. Using this information, it can then assure that traffic is balanced in the most efficient manner in order that latency‐ and bandwidth‐sensitive applications get what they need while less‐sensitive applications get less because they can function just as well without it. For the most part, it can do all of this without administrative configuration, but it will report its findings back to the network administrator in detailed reports.

VPN Concentrator

A virtual private network (VPN) is a network connection that is made secure even though it is flowing through an unsecure network, typically the Internet. This is done by using an encapsulation protocol. The encapsulation protocol creates a tunnel between two devices. A device that is sometimes used to create this tunnel is referred to as a VPN concentrator. Most VPN concentrators use either the Point‐to‐Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP) to create the tunnel. The reason that it’s called a concentrator is that it can handle many VPN connections simultaneously. I will discuss PPTP and L2TP later in this chapter.

Exam Essentials

Know the functions and applications of various network devices. A router works at Layer 3 (Network) whereas a switch works at Layer 2 (Data‐Link). An HIDS is host based like a moat, whereas IDS and IPS are network based to provide protection for multiple hosts. Packet shapers analyze traffic patterns and application needs and control traffic in ways that firewalls can’t duplicate. A VPN concentrator can make network traffic secure, even when it’s flowing through an unsecure network.

1.2 Compare and Contrast the Use of Networking Services and Applications

The next step toward creating your functional network architecture is selecting the networking services that you will use on your network. This will largely be determined by the size and scope of your network and what you are connecting. For example, if you are connecting devices that are not at the same location, you might want to use protocols that are specific for that type of connection. Some protocols that you might consider would include VPN, IPsec, RAS, unified voice services, and others. In this section, I will discuss these technologies and how they relate to your network architecture.


VPN

A virtual private network (VPN) is not really private since it runs through an unsecure network. However, a VPN is made virtually private using an encapsulation protocol, also called a tunneling protocol. You can accomplish this using SSL and cryptography. There are also other protocols that are specifically designed to provide a tunnel that encapsulates a well‐known protocol, for example, IP, with a secure protocol known only by the sender and receiver.

Site to Site/Host to Site/Host to Host

For most companies with multiple locations, the prospect of installing dedicated leased lines, such as T‐1s or T‐3s, to each of their locations is cost prohibitive and unnecessary. It’s unnecessary with today’s networks because it’s possible to use the Internet as a secure connection between the locations. Tunneling is a process of encapsulating one protocol within another so as to provide a secure communication through an unsecure medium, typically the Internet. The processes and protocols used to create tunnels have changed over the past 15 years, and some tunnels are therefore more secure than others. Some tunneling protocols also encrypt the data contained in the packets, while others do not. As you will see, you can use these tunneling protocols to move data securely from one datacenter to another datacenter (site to site), from a remote computer to a datacenter (host to site), or even from one remote computer to another remote computer (host to host). In the following sections, I’ll discuss the protocols used for tunneling and the security they provide in each of these scenarios.

Protocols

Protocols have been defined in many ways. Some say that protocols are an expected behavior between two parties. Others say that protocols establish a set of rules by which the two parties can communicate. Network protocols fall into both of these definitions. They are the rules that determine the expected behavior of communication between one device and another one. In order for devices to communicate effectively, they must share the same protocol. If two devices know a protocol that other devices don’t, they can then communicate to each other through a medium that would otherwise be considered unsecure. Therefore, if I were to encapsulate one protocol inside another, I would create a tunnel on which only the computers that know the outer protocol could communicate. This is what is referred to as a tunneling protocol. In this section, I will discuss the various protocols that can be used as tunneling protocols between two devices.

IPsec

Internet Protocol Security (IPsec) is a framework of protocols designed to authenticate connections and encrypt data during communication between two computers. It operates at the Network layer of the OSI model and provides security for protocols that operate at the higher layers of the OSI model. Because of this, you can use IPsec to secure practically all TCP/IP‐related communications, including tunnels.


The function of IPsec is to ensure that data on the network is safe from being viewed, accessed, or modified by anyone except the intended receiver. IPsec can be used to provide security within networks as well as between networks. To be more specific, IPsec has three main security services:

Data Verification This ensures that the data received is actually from the source from which it appears to have originated.

Protection from Data Tampering This ensures that the data has not been changed in any way during the transmission between the sending computer and the receiving computer.

Privacy of Transactions This ensures that the data that is sent is readable only by the intended receiver.

There are two main modes of IPsec: transport mode and tunnel mode. Transport mode is used to send and receive encrypted data within the same network. Tunnel mode is used to send encrypted data between networks. It includes an encryption mechanism as well as an authentication mechanism.
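To make the first two services, data verification and protection from tampering, concrete, here is an added Python example. It is not code from the book and it is not IPsec's wire format: a sender appends a truncated HMAC-SHA-256 integrity check value computed over a sequence number and the payload (IPsec's AH and ESP likewise cover the sequence number with their ICV), and the receiver accepts the packet only if the value recomputes under the shared key. A packet with one flipped bit, or one protected with a different key, is rejected, which is how the receiver knows both that the data is unchanged and that it came from a holder of the key. The keys and payload are constructed; the third service, privacy, is not shown because the Python standard library has no encryption cipher.

```python
import hmac
import hashlib
import struct

# Shared keys, constructed for the example. Real IPsec peers derive per-SA keys with IKE
# instead of hard-coding them.
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")
WRONG_KEY = bytes.fromhex("ff" * 32)
TAG_LEN = 16   # truncated HMAC-SHA-256 output, as the IPsec integrity algorithms truncate theirs
SAMPLE_PAYLOAD = b"GET /status HTTP/1.1\r\n"


def protect(key, sequence, payload):
    """Sender side: prepend a 32-bit sequence number and append the integrity check value."""
    header = struct.pack("!I", sequence)
    icv = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + icv


def verify(key, message):
    """Receiver side: return (sequence, payload) if the ICV checks out, else None."""
    if len(message) < 4 + TAG_LEN:
        return None
    body, icv = message[:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    # constant-time comparison so the check does not leak how many bytes matched
    if not hmac.compare_digest(icv, expected):
        return None
    (sequence,) = struct.unpack("!I", body[:4])
    return sequence, body[4:]


def demo():
    """Constructed exchange: a genuine packet, a tampered copy, and one made with the wrong key."""
    packet = protect(SHARED_KEY, 1, SAMPLE_PAYLOAD)
    genuine = verify(SHARED_KEY, packet)
    tampered = bytearray(packet)
    tampered[4] ^= 0x01                      # flip one bit of the payload in flight
    tampered_result = verify(SHARED_KEY, bytes(tampered))
    impostor = protect(WRONG_KEY, 1, SAMPLE_PAYLOAD)   # same bytes, but not our peer's key
    impostor_result = verify(SHARED_KEY, impostor)
    return genuine, tampered_result, impostor_result


if __name__ == "__main__":
    print(demo())
```

The receiver cannot distinguish the tampered packet from the impostor's: both simply fail the check, which is why one keyed integrity value delivers both the origin-verification and the anti-tampering service.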

GRE

Generic Routing Encapsulation (GRE) is a protocol developed by Cisco Systems that you can use to encapsulate many Network layer protocols to be delivered on point‐to‐point links in your IP network. It works by encapsulating the original payload (inner packet) into an outer IP packet that can be sent through the tunnel. De‐encapsulation takes place at the other end of the tunnel, so the inner packet can be delivered without the destination machine ever being aware that an outer IP packet existed. This makes GRE a flexible tool that can even be used to send multicast and IPv6 packets through an otherwise normal IPv4 structure.
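The encapsulation and de-encapsulation described here can be shown with the header GRE puts between the outer IP packet and the inner one: a 16-bit flags/version word, a 16-bit protocol type carrying the inner protocol's EtherType value, and an optional checksum word (RFC 2784). The following Python is an added example, not code from the book or from Cisco: it wraps a constructed inner IPv4 header, strips the GRE header again at the far end, and, when the optional checksum is present, rejects a packet that was corrupted in transit. The inner packet bytes are constructed.

```python
import struct

GRE_PROTO_IPV4 = 0x0800      # EtherType values used in the GRE protocol type field
GRE_PROTO_IPV6 = 0x86DD
_CHECKSUM_PRESENT = 0x8000   # "C" bit in the first 16-bit word (RFC 2784)
_VERSION_MASK = 0x0007       # low three bits must be zero for RFC 2784 GRE

# Constructed 20-byte IPv4 header used as the inner packet (10.0.0.1 -> 10.0.0.2, ICMP)
INNER_V4 = bytes.fromhex("4500001400010000400100000a0000010a000002")


def _internet_checksum(data):
    """RFC 1071 one's-complement checksum over 16-bit words, padding an odd tail with zero."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def gre_encapsulate(inner_packet, protocol_type, with_checksum=False):
    """Prefix a GRE header; the result becomes the payload of the outer IP packet."""
    flags = _CHECKSUM_PRESENT if with_checksum else 0
    header = struct.pack("!HH", flags, protocol_type)
    if with_checksum:
        # The checksum covers the GRE header (checksum field zero) plus the payload
        checksum = _internet_checksum(header + b"\x00\x00\x00\x00" + inner_packet)
        header += struct.pack("!HH", checksum, 0)   # Reserved1 is always zero
    return header + inner_packet


def gre_decapsulate(gre_packet):
    """Strip the GRE header and return (protocol_type, inner_packet); raise on a bad header."""
    if len(gre_packet) < 4:
        raise ValueError("truncated GRE header")
    flags, protocol_type = struct.unpack("!HH", gre_packet[:4])
    if flags & _VERSION_MASK != 0:
        raise ValueError("unsupported GRE version")
    offset = 4
    if flags & _CHECKSUM_PRESENT:
        if len(gre_packet) < 8:
            raise ValueError("truncated GRE checksum field")
        stored = struct.unpack("!H", gre_packet[4:6])[0]
        # Recompute with the checksum field zeroed and compare with the stored value
        computed = _internet_checksum(gre_packet[:4] + b"\x00\x00" + gre_packet[6:])
        if stored != computed:
            raise ValueError("GRE checksum mismatch")
        offset = 8
    return protocol_type, gre_packet[offset:]


def demo():
    """Constructed round trip: plain tunnel, checksummed tunnel, and a corrupted copy."""
    plain = gre_encapsulate(INNER_V4, GRE_PROTO_IPV4)
    with_sum = gre_encapsulate(INNER_V4, GRE_PROTO_IPV4, with_checksum=True)
    corrupted = bytearray(with_sum)
    corrupted[10] ^= 0x01                    # damage one payload byte in transit
    try:
        gre_decapsulate(bytes(corrupted))
        detected = False
    except ValueError:
        detected = True
    return gre_decapsulate(plain), gre_decapsulate(with_sum), detected


if __name__ == "__main__":
    print(demo())
```

Note what the header does not contain: no key, no integrity value and no encryption, so the checksum detects accidental corruption only. That is why the text pairs GRE with IPsec when the tunnel must also be secure.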

SSL VPN

The Secure Sockets Layer (SSL) protocol uses cryptography to provide secure authentication and communication privacy over the Internet. It is typically used for e‐commerce. When used in conjunction with a VPN on a site that is allowing e‐commerce, the advantage SSL offers is that many of the filters are already configured. In other words, if a site wants to allow e‐commerce using SSL, then the ports for SSL already must be allowed through any firewalls or other network filters. This means that an SSL‐based VPN might be much easier to configure than one that requires that a new protocol and its ports be allowed through the firewalls of the network.

PTP/PPTP

The Point‐to‐Point Tunneling Protocol (PPTP) is used to create a secure tunnel between two points on a network over which other protocols such as the Point‐to‐Point Protocol (PPP) can be used. This tunneling functionality provides the basis for many VPNs. Although PPTP is a widely used tunneling protocol, other tunneling protocols, such as L2TP with IPsec, provide even greater security. PPTP also cannot authenticate the end of the tunnel and thereby prevent a man‐in‐the‐middle attack, but L2TP can. Because of these disadvantages of PPTP, it has been largely replaced by L2TP.


RADIUS

Remote Authentication Dial‐In User Service (RADIUS) provides a centralized system for authentication, authorization, and accounting. Remote access servers become clients of another server referred to as a RADIUS server. The authentication of the users is then actually performed by the RADIUS server based on certificates, Kerberos, or some other type of authentication. RADIUS uses UDP to broadcast the communication between the remote access servers (RASs) and the RADIUS server. The RAS becomes a go‐between that opens the door, or doesn’t, for the client computer to come in and use the resource. Also, because all requests are centralized through the RADIUS server, accounting for those requests is also centralized. RADIUS is supported on all Microsoft Servers. When RADIUS is used with wireless networks, IEEE 802.1x, and WPA, the result is WPA for Enterprise.

RAS

Remote Access Service (RAS) is a remote access solution that is included with Microsoft Windows Server products. Its main function is to give users the same access to the network from a remote location as if they were actually sitting at their desks, although sometimes the access is much slower. RAS is implemented in Windows NT Server as RAS and in Windows 2000 Server, Windows Server 2003, and Windows Server 2008 as Routing and Remote Access Server (RRAS), but both product implementations offer the same basic functionality—remote access connectivity to a LAN environment. RAS servers can provide dial‐up connections using modems as well as VPN connections using WAN miniports. Figure 1.4 shows an RRAS server on Windows Server 2008.

FIGURE 1.4 An RRAS server on Windows Server 2008

TACACS+

Terminal Access Controller Access Control System+ (TACACS+) is a service that is similar to RADIUS but uses TCP to communicate between the RAS and the TACACS+ server. It was developed by Cisco Systems to address the need for a more scalable AAA solution. The fact that it uses TCP (a connection-oriented protocol) instead of UDP (a connectionless protocol) offers several advantages, namely that the RAS server receives an acknowledgment from the TACACS+ server that the authentication request has been received and is being processed. Also, because the two can communicate with a connection-oriented protocol, more sophisticated security mechanisms can be employed. For example, while RADIUS encrypts only the password in the packet that is passed from the RAS to the RADIUS server, TACACS+ encrypts the entire body of the packet, including the information regarding the username and the service that the user is requesting. This makes TACACS+ a much more secure service than RADIUS. Of course, TACACS+ also keeps an accounting of all requests from a RAS, and that accounting can also be secured.
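The "RADIUS encrypts only the password" point above is easy to see in code. The following is an added example, not from this book or any RADIUS product: it builds a minimal Access-Request using the User-Password hiding scheme from RFC 2865 section 5.2 and then parses the attribute list the way anyone on the path could, without the shared secret. The shared secret, authenticator, username and password are constructed values.

```python
"""RADIUS hides only the User-Password attribute (RFC 2865, section 5.2);
every other attribute, such as User-Name, travels in the clear. All secrets,
authenticators and names below are constructed for this illustration."""
import hashlib
import os
import struct

ACCESS_REQUEST = 1       # RADIUS Code field value
ATTR_USER_NAME = 1       # attribute type numbers from RFC 2865
ATTR_USER_PASSWORD = 2


def _md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def hide_user_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Return the hidden form of a User-Password value.

    The password is NUL-padded to a multiple of 16 octets. Block i is XORed with
    MD5(secret + previous ciphertext block); for the first block the "previous
    block" is the 16-octet Request Authenticator from the packet header. This
    is an MD5-derived keystream, not modern authenticated encryption, which is
    one reason TACACS+ (which protects the whole packet body) is preferred.
    """
    if len(authenticator) != 16:
        raise ValueError("Request Authenticator must be 16 octets")
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 octets")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden = bytearray()
    prev = authenticator
    for i in range(0, len(padded), 16):
        keystream = _md5(secret + prev)
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        hidden += block
        prev = block
    return bytes(hidden)


def reveal_user_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Inverse of hide_user_password, as performed by a server holding the secret."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden password must be a non-empty multiple of 16 octets")
    clear = bytearray()
    prev = authenticator
    for i in range(0, len(hidden), 16):
        keystream = _md5(secret + prev)
        block = hidden[i:i + 16]
        clear += bytes(c ^ k for c, k in zip(block, keystream))
        prev = block
    return bytes(clear).rstrip(b"\x00")   # strip the NUL padding


def _attribute(attr_type: int, value: bytes) -> bytes:
    """Type (1 octet), Length (1 octet, counting these two header octets), Value."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(identifier, username, password, secret, authenticator=None):
    """Assemble a minimal Access-Request: 20-octet header, User-Name, User-Password."""
    if authenticator is None:
        authenticator = os.urandom(16)
    attrs = _attribute(ATTR_USER_NAME, username)
    attrs += _attribute(ATTR_USER_PASSWORD, hide_user_password(password, secret, authenticator))
    length = 20 + len(attrs)
    return struct.pack("!BBH", ACCESS_REQUEST, identifier, length) + authenticator + attrs


def parse_attributes(packet: bytes) -> dict:
    """Walk the attribute list as anyone on the path could, without the secret.

    Returns {attribute type: raw value}. The User-Name comes back readable; the
    User-Password value is only the hidden form. This is why RADIUS traffic is
    best confined to trusted segments or carried inside a VPN.
    """
    if len(packet) < 20:
        raise ValueError("RADIUS packet shorter than its 20-octet header")
    _code, _identifier, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError("RADIUS length field does not match packet size")
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        attr_type, attr_len = packet[pos], packet[pos + 1]
        if attr_len < 2 or pos + attr_len > length:
            raise ValueError("malformed attribute")
        attrs[attr_type] = packet[pos + 2:pos + attr_len]
        pos += attr_len
    return attrs
```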

Web Services

In general, a web service is a communication channel between two electronic devices that is shared over the Internet or a company's intranet. The entity that is requesting the information is referred to as a service requestor, while the entity that is providing the information is referred to as the service provider. Software is generally written to use markup languages specifically used on web servers, such as XML and others.

Unified Voice Services

Unified voice services is basically a nice way of describing those computers that we end up talking to when we call any large organization these days. Companies use them to save man-hours and therefore money. The messages that we receive are no longer just recordings but are actually a communication from an intelligent application on a computer system. The system can interpret our speech (sometimes) and can also be commanded by touch tones through our phone. It's possible to get some questions answered and maybe even restart a modem or set-top box this way, but personally I'd rather talk to another human being. For better or worse, these things are not going away, but at least they will continue to get smarter.

Network Controllers

In the past, computers simply had network interface cards (NICs) that were used to convert parallel digital signals coming from the computer to serial digital signals that could be sent over the wire. Over the years these devices have been refined with additional software and services, referred to as network controllers, which enhance their capability for their specific function. For example, we have specific network controllers for broadband cable systems, voice, satellite, and so on. These will most certainly continue to multiply as we find more ways to use computers and more ways to connect them.

Exam Essentials

Know the different types of VPNs and why they are used. VPN stands for virtual private network, which says it all. It's virtually private in a public space. This is accomplished using tunnels and tunneling protocols. You can use a VPN from site to site of the same organization or as a link to a remote office. You can also use a VPN to connect a remote user, for example, from their home to the corporate site. Finally, you can use a VPN to connect two or more remote users to each other.

Know the different types of protocols used to create VPN tunnels. Tunneling protocols are used to create a communication channel that can be interpreted only if the two devices on each end share the same protocol. The other devices that are between the two devices will not be able to interpret the communication. Tunneling protocols that you can use include IPsec, GRE, SSL VPN, and PPP/PPTP. Each of these protocols has advantages and disadvantages.

Know the varied types of networking services and applications. You can create remote access services using protocols such as TACACS+ and RADIUS. You can use multiple web services to provide access to data for your network through the Internet. You can use (whether you like it or not) unified voice services to turn your user's or customer's phone into their personal command center. You can choose from a wide variety of network interface controllers with the appropriate software to provide optimal service to your specific networking need.

1.3 Install and Configure the Following Network Services and Applications

In this section, I will discuss three services that are extremely important, if not essential, to most of today's networks: DHCP, DNS, and NAT. I will discuss the installation and configuration of each of the important network services. In addition, I will discuss the purpose of each service and its impact on your network. I will also discuss lesser-used but still important services called proxy, reverse proxy, and port forwarding.

DHCP

Dynamic Host Configuration Protocol (DHCP) lets you offload a whole lot of work configuring IP addresses, subnet masks, default gateways, DNS server addresses, and much more to a server that is relatively easy to set up and maintain. Is it for all of your computers on your network? Probably not, but it's most likely the best solution for all of your clients. In this section, I will discuss the properties of DHCP and the options that it provides.

Static vs. Dynamic IP Addressing

In general, client computers should obtain their IP addresses from a DHCP server whenever possible. This reduces manual effort on the part of the administrator and improves accuracy. In contrast, devices such as servers, network printers, plotters, and router interfaces should be statically configured so their addresses do not change. Figure 1.5 shows an example of how to configure a static IP configuration on Windows Server 2008. Figure 1.6 shows an example of the DHCP tool in Windows Server 2008. A DHCP server should always use a static address and should never obtain an address from another DHCP server.

FIGURE 1.5 A static IP configuration on Windows Server 2008

FIGURE 1.6 The DHCP server tool in Windows Server 2008


Reservations

Most of your clients will obtain an address from your DHCP server in a rather random manner and will hold that address for a period of time as defined by their lease. (I will discuss leases later in this chapter.) You may want some clients to obtain the same address from the DHCP server every time they connect, which is an address that was set aside for them based on their MAC address. This type of addressing is referred to as a reservation. This is especially handy for clients, printers, plotters, and the like that are not always connected but that need to have a predictable address when they are connected. By not using a static address for these devices, you can better manage your network because all addresses will be managed from the DHCP server instead of some addresses being missing from its lists.

Scopes

A scope is a range of addresses that can be assigned to clients. You should set your scopes based on the IP subnets you are using within your organization. You should take care that your scopes do not contain addresses that overlap addresses in other scopes, because this can cause IP address conflicts. The process of configuring scopes on various DHCP servers is beyond the scope of this book. Pardon the pun!

Leases

When your client obtains its IP address from the DHCP server, the IP address can be used for a defined period of time that is indicated by its lease. On Microsoft DHCP servers, the lease time by default is eight days. Your client will attempt to renew its lease after 50 percent of the time has expired, so if leases are set to the default, then your clients will renew their leases every four days. This will be done by contacting the DHCP server directly. You should increase lease times if you have plenty of addresses to go around for your clients. Conversely, you should decrease lease times if you have fewer IP addresses than clients.
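The reservation, scope and lease ideas from the last three subsections fit together in a few dozen lines. The following is an added example, not code from this book or from any DHCP server: a scope model that honours MAC-based reservations, refuses to hand out addresses outside its subnet, detects overlapping scopes, expires leases, and computes the 50 percent renewal point for the eight-day default. All subnets, MAC addresses and timestamps are constructed.

```python
"""A tiny model of the DHCP address-management ideas described above: scopes
with a dynamic range, MAC-based reservations, lease expiry and the 50 percent
renewal point. Illustration only, not the code of any DHCP server; all
subnets, MAC addresses and times are constructed."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from ipaddress import IPv4Address, IPv4Network
from typing import Dict, Optional, Tuple

DEFAULT_LEASE = timedelta(days=8)   # the Microsoft DHCP default cited in the text


@dataclass
class Scope:
    subnet: IPv4Network
    first: IPv4Address                  # first and last address handed out dynamically
    last: IPv4Address
    lease_time: timedelta = DEFAULT_LEASE
    reservations: Dict[str, IPv4Address] = field(default_factory=dict)   # MAC -> IP
    leases: Dict[IPv4Address, Tuple[str, datetime]] = field(default_factory=dict)  # IP -> (MAC, expiry)

    def __post_init__(self) -> None:
        if not (self.first in self.subnet and self.last in self.subnet and self.first <= self.last):
            raise ValueError("dynamic range must lie inside the scope's subnet")
        # MAC addresses compare case-insensitively; store them lowercase.
        self.reservations = {mac.lower(): ip for mac, ip in self.reservations.items()}
        for mac, ip in self.reservations.items():
            if ip not in self.subnet:
                raise ValueError(f"reservation {mac} -> {ip} lies outside {self.subnet}")

    def overlaps(self, other: "Scope") -> bool:
        """True when the two dynamic ranges share any address (a source of IP conflicts)."""
        return not (self.last < other.first or other.last < self.first)

    def offer(self, mac: str, now: datetime) -> Optional[IPv4Address]:
        """Pick the address a DHCPOFFER would carry for this client, or None if exhausted."""
        mac = mac.lower()
        # 1. A reservation always wins: the same address every time this MAC appears.
        if mac in self.reservations:
            ip = self.reservations[mac]
            self.leases[ip] = (mac, now + self.lease_time)
            return ip
        # 2. A client renewing an unexpired lease keeps its current address.
        for ip, (owner, expiry) in self.leases.items():
            if owner == mac and expiry > now:
                self.leases[ip] = (mac, now + self.lease_time)
                return ip
        # 3. Otherwise the lowest address in range that is unreserved and free or expired.
        reserved = set(self.reservations.values())
        ip = self.first
        while ip <= self.last:
            held = self.leases.get(ip)
            if ip not in reserved and (held is None or held[1] <= now):
                self.leases[ip] = (mac, now + self.lease_time)
                return ip
            ip += 1
        return None

    def renewal_time(self, ip: IPv4Address) -> datetime:
        """When the holder of ip first tries to renew: at 50 percent of the lease (T1)."""
        _mac, expiry = self.leases[ip]
        return expiry - self.lease_time / 2
```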

Options (DNS, Servers, Suffixes)

A DHCP server is best known for assigning IP addresses to clients that need them. In reality, though, a DHCP server can assign much more than just IP addresses. When I teach networking classes, I refer to the DHCP server as the "welcome wagon." We don't have them anymore, but long ago small towns had a welcome wagon that came by a new neighbor's home shortly after they moved into the neighborhood and gave them some food, soap, and the like, just to welcome them to the neighborhood and help them get a good start. Your DHCP server can do the same thing for your clients.

To be more specific, you can configure your DHCP server to give your clients a variety of information regarding other servers and services in the network that it just joined. This can include the address of DNS servers and even WINS servers (in case you are still using one) as well as the address of its default gateway to gain access to other networks and to the Internet. All of these settings and more are available to you in the server and scope options of DHCP servers of all kinds. The specific steps for configuring DHCP server and scope options are beyond the scope of this book.

IP Helper/DHCP Relay

In IPv4, DHCP communications to devices attempting to receive an IP address are in the form of a broadcast. Since broadcasts typically do not pass through router interfaces, an organization would be forced to have a DHCP server in every subnet, if not for the use of an IP helper or DHCP relay. This device is located on a network that does not have a DHCP server. It receives the broadcasts from the client and forwards them to the DHCP server on the other subnet. It also receives the replies back from the DHCP server and broadcasts them back to the client. This is done only until the client has been assigned an IP address and can communicate on the network with unicast communication.

DNS

Domain Name Service (DNS) resolves user-friendly names, such as wiley.com, to IP addresses that are used on the network. It makes it much easier for you to use the network systems that you put into place. If it were not for the people aspect of networking, you wouldn't need DNS. In other words, your computers could do fine without it. DNS consists of special servers that use special records. Some devices can even communicate with the DNS servers to inform them of their new address.

DNS Servers

DNS servers contain software and configuration that allows them to resolve hostnames to IP addresses for an IP network. They can be a stand-alone server, or they can perform other functions in the network, such as being a domain controller as well. They often exchange record databases with other DNS servers through a process called zone transfer. In addition, DNS servers can communicate with other DNS servers to discover information that they do not contain. This process is responsible for stitching together the Internet.

DNS Records

There are many different types of records used by DNS servers. Each of these types of records has a specific purpose in name resolution:

A Address (A) records are used to resolve a simple hostname to an IPv4 address.

MX Mail exchange (MX) records specify the mail server responsible for a network and how mail should be routed.

AAAA An AAAA record is the equivalent of an A record, but it is specifically for IPv6.


CNAME Canonical name (CNAME) records are aliases to other records. These make the DNS servers more flexible and adaptable.

PTR A pointer (PTR) record retrieves a resolution for a service or host. The DNS name lookup of that name does not proceed. These records are most often used for reverse lookups (IP address to hostname) for other services.
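To show how the record types listed above interact, here is an added example that is not part of the book and not any DNS server's code: a minimal in-memory resolver over a constructed zone. It follows CNAME chains to reach A and AAAA answers (and refuses alias loops), orders MX records by preference, and builds the in-addr.arpa and ip6.arpa names that PTR reverse lookups use. The zone data uses documentation addresses and made-up hostnames.

```python
"""A minimal in-memory resolver showing how the record types above work
together: CNAME aliases are followed, MX records are ordered by preference,
and PTR records answer reverse lookups. Illustration only, not any DNS
server's code; the zone data uses constructed documentation addresses."""
from ipaddress import ip_address
from typing import Dict, List, Tuple

# Constructed zone: (owner name, record type) -> list of values.
ZONE: Dict[Tuple[str, str], list] = {
    ("www.example.com.", "CNAME"): ["web1.example.com."],
    ("web1.example.com.", "A"): ["192.0.2.10"],
    ("web1.example.com.", "AAAA"): ["2001:db8::10"],
    ("example.com.", "MX"): [(20, "mail2.example.com."), (10, "mail1.example.com.")],
    ("mail1.example.com.", "A"): ["192.0.2.25"],
    ("mail2.example.com.", "A"): ["192.0.2.26"],
    ("loop-a.example.com.", "CNAME"): ["loop-b.example.com."],   # deliberate alias loop
    ("loop-b.example.com.", "CNAME"): ["loop-a.example.com."],
    ("10.2.0.192.in-addr.arpa.", "PTR"): ["web1.example.com."],
}


def normalize(name: str) -> str:
    """DNS names are case-insensitive; compare them lowercase and fully qualified."""
    name = name.lower()
    return name if name.endswith(".") else name + "."


def resolve(name: str, rtype: str, zone=ZONE, max_aliases: int = 8) -> Tuple[List, List[str]]:
    """Answer a query the way a server holding this zone would.

    If the name has no record of the requested type but has a CNAME, the alias
    target is queried instead, repeatedly. Returns (values, names visited) so the
    caller can see the alias chain. An alias loop or an over-long chain raises.
    """
    name, rtype = normalize(name), rtype.upper()
    visited = [name]
    for _ in range(max_aliases + 1):
        values = zone.get((name, rtype))
        if values is not None:
            return list(values), visited
        aliases = zone.get((name, "CNAME"))
        if not aliases:
            return [], visited           # no such record (NXDOMAIN/NODATA in a real server)
        name = normalize(aliases[0])
        if name in visited:
            raise ValueError("CNAME loop: " + " -> ".join(visited + [name]))
        visited.append(name)
    raise ValueError("CNAME chain longer than %d" % max_aliases)


def mail_servers(domain: str, zone=ZONE) -> List[Tuple[int, str, List[str]]]:
    """MX records in preference order (lowest first), each with its A addresses."""
    records, _ = resolve(domain, "MX", zone)
    result = []
    for preference, host in sorted(records):
        addresses, _ = resolve(host, "A", zone)
        result.append((preference, normalize(host), addresses))
    return result


def reverse_name(ip_text: str) -> str:
    """Build the name a PTR lookup asks for: reversed octets under in-addr.arpa
    for IPv4, reversed hex nibbles under ip6.arpa for IPv6."""
    ip = ip_address(ip_text)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def reverse_lookup(ip_text: str, zone=ZONE) -> List[str]:
    """IP address to hostname via the PTR record."""
    values, _ = resolve(reverse_name(ip_text), "PTR", zone)
    return values
```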

Dynamic DNS

Dynamic DNS is a useful service that allows a computer or device to notify a server to make an entry for it in the DNS database. It can also notify the server of any changes so that the database is automatically kept up to date. That way, the address that was just assigned to a computer by DHCP can also be known by DNS.

Proxy/Reverse Proxy

A proxy is a person or an agent who performs an action on behalf of someone else. In the legal world, the term is used when an attorney is permitted to sign on behalf of the client. In the information technology (IT) realm, it means relatively the same thing. A proxy server is, therefore, a device that makes a connection to another location, most often a website, on behalf of the user. A reverse proxy is a device that makes a connection back to the user on behalf of the server that actually contains the information.

For example, if you want to centralize access to the Internet to control it and track its usage, you can configure the browsers on the user computers to use the address of the proxy server as a gateway to the Internet. When the user makes a request on a browser, the proxy server will actually make the request to the Internet on behalf of the user. This allows you to control access to the sites users can visit and determine who can visit them and when. Typically, the proxy server will also keep a detailed record of these Internet requests. If a person is being reprimanded or fired for improper Internet use, your HR team often has these reports in hand as Exhibit A!

Also, since the proxy caches the web page, it can be used to speed up access to the page for all users. For example, because a hostname is resolved to an IP address for one user to access a resource, this information can be stored in the proxy and used by other users. A proxy server that provides this type of service is referred to as a caching proxy. This type of server is often used to speed access to commonly used Internet and intranet sites.

Similarly, if you want to give specific access to a server's data while at the same time keeping the actual location of the data secret, you can use a reverse proxy. The reverse proxy will poll the actual server for the data, while never revealing the actual location of the server or the data it contains. This decreases the chance of that server coming under direct attack.

NAT

Network address translation (NAT) is a service that translates one set of IP addresses to another set of IP addresses. NAT is most often used between a private network and the Internet, but it can also be used in other ways, such as to translate a group of global internal addresses to a group of global external addresses. NAT can run on a computer, a router, or a specialized device that provides only network address translation. If your organization has recently merged with or acquired other organizations, then you might see NAT used between the two IP systems that were set up autonomously from each other and that are very unlikely to just mesh perfectly without translation. In this case, the NAT device would contain a table of addresses on one network that are to be translated to addresses on the other network. There are three main forms of NAT. They are referred to as PAT, SNAT, and DNAT. Figure 1.7 illustrates NAT.

FIGURE 1.7 NAT

[Figure: a NAT device (10.0.0.1 on the inside, 187.55.1.10 on the outside) sits between the inside hosts and the Internet. All clients are mapped to use a different IP address: 10.0.0.2, 10.0.0.3, and 10.0.0.4 are translated to 187.55.1.11, 187.55.1.12, and 187.55.1.13, respectively.]

PAT

Port address translation (PAT) is a service that most people actually think of as NAT. When you have two or more computers on the inside of a network that share one external address (usually the outside interface address of the router), the only way to keep their network communication channels separate and organized is by port designation on each packet. PAT changes the source address of a packet as it passes through the router or other device using PAT, appending it with a specific port number. It then keeps a record of the port numbers to which it has assigned packets and the true inside local address of the computers that generated them. In this way, PAT uses ports to provide address translation for many inside source addresses to one outside source address. In other words, PAT is many-to-one in contrast to other forms of NAT, which are one-to-one.

In your scenario, you could use PAT so that employees within your organization could all connect to the Internet using the same registered external IP address, while each employee has a separate internal IP address. Figure 1.8 illustrates PAT.


FIGURE 1.8 PAT

[Figure: a PAT device (10.0.0.1 on the inside, 187.55.1.10 on the outside). All clients are mapped to use the 187.55.1.10 external IP address with various ports: a packet with SRC 10.0.0.2 port 1025 leaves as SRC 187.55.1.10 port 1025. The PAT table records 10.0.0.2 = 1025, 10.0.0.3 = 1026, and 10.0.0.4 = 1027, so the Internet side sees 187.55.1.10:1025, 187.55.1.10:1026, and 187.55.1.10:1027.]

SNAT

Source network address translation (SNAT) is used to translate the source address of outgoing packets that are traversing a router or other device to another source address. This type of NAT might be used to connect computers using private IP addresses to the Internet by converting their source addresses to an address that is advertised on the Internet. It might also be used to translate the IP addresses of one organization to the IP addresses of another, in the case of a merger of the two companies. The important point to remember about this type of NAT is that there is no translation in the other direction. In other words, return traffic can come back to the translated IP address but will have no way of knowing how to return to the original address, since the address translation was only one way.

DNAT

Often used as a companion to SNAT, destination network address translation (DNAT) translates the destination address of incoming packets to a new destination address. Using this type of NAT, you can expose a publicly available address to a web server (for example) without exposing the true private address. Also, you can use an address that can be advertised on the Internet to connect to a web server that has a private address. The most important point to remember about this type of NAT is that there is no translation the other way. In other words, the router or other device will have no way of returning the packet to the original requestor without additional configuration, such as SNAT or PAT.
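The PAT, SNAT and DNAT subsections above describe three different translation behaviours; the following added example (not from the book and not any router's code) models all three with the constructed addresses of Figures 1.7 and 1.8. PAT keeps a port table so that two inside hosts using the same source port still get distinct outside ports and so that replies can be translated back, while SNAT and DNAT are stateless one-way rewrites that only complete a conversation when paired. The remote address 198.51.100.7 is a constructed documentation address.

```python
"""A small model of the three NAT forms described above, using the
constructed addresses from Figures 1.7 and 1.8. PAT keeps a port table so
replies find their way back; SNAT and DNAT are stateless one-way rewrites
that need each other (or PAT) to complete a conversation. Illustration only,
not the code of any router or firewall."""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PatDevice:
    """Many-to-one, two-way: all inside hosts share one outside address, the
    outside source port tells the flows apart, and the table lets replies return."""

    def __init__(self, outside_ip: str, first_port: int = 1025) -> None:
        self.outside_ip = outside_ip
        self.next_port = first_port
        self.by_outside_port: Dict[int, Tuple[str, int]] = {}   # outside port -> (inside ip, port)
        self.by_inside: Dict[Tuple[str, int], int] = {}         # (inside ip, port) -> outside port

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite the source of an inside-to-outside packet, allocating a port on first sight."""
        key = (pkt.src_ip, pkt.src_port)
        port = self.by_inside.get(key)
        if port is None:
            if self.next_port > 65535:
                raise RuntimeError("PAT port pool exhausted")
            port, self.next_port = self.next_port, self.next_port + 1
            self.by_outside_port[port] = key
            self.by_inside[key] = port
        return Packet(self.outside_ip, port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Rewrite the destination of a reply, or return None (drop) for
        unsolicited traffic that matches no entry in the table."""
        if pkt.dst_ip != self.outside_ip:
            return None
        entry = self.by_outside_port.get(pkt.dst_port)
        if entry is None:
            return None
        inside_ip, inside_port = entry
        return Packet(pkt.src_ip, pkt.src_port, inside_ip, inside_port)


def snat(pkt: Packet, mapping: Dict[str, str]) -> Packet:
    """One-to-one source rewrite (inside address -> advertised address).
    No state is kept, so by itself it cannot bring a reply back."""
    new_src = mapping.get(pkt.src_ip)
    return pkt if new_src is None else Packet(new_src, pkt.src_port, pkt.dst_ip, pkt.dst_port)


def dnat(pkt: Packet, mapping: Dict[str, str]) -> Packet:
    """One-to-one destination rewrite (advertised address -> private server).
    The reply needs a matching SNAT (or PAT) rule to leave with the public address."""
    new_dst = mapping.get(pkt.dst_ip)
    return pkt if new_dst is None else Packet(pkt.src_ip, pkt.src_port, new_dst, pkt.dst_port)
```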


Port Forwarding

Port forwarding is a service that you can use to allow your remote computers to connect to a computer or service within your private IP network. The service to which the computer will connect is identified by a port. Therefore, network traffic that contains that specific port number as a destination can be automatically forwarded to that service. That service might allow a user to bypass a firewall, access data, or even enter a tunnel to another service.

Exam Essentials

Know the configuration options of DHCP. Clients will generally be configured using DHCP servers, whereas routers, printers, and servers will generally have static addresses. You can use reservations to make sure that a specific computer always receives a certain address. These are generally based on its MAC address. Scopes are the ranges of IP addresses that are used for dynamic IP address assignment by the DHCP server. Leases determine the amount of time that the client is allowed to keep the address it has been assigned. There are many other options that you can configure on a DHCP server for dynamic assignment to the client, including DNS servers and suffixes. The DHCP server can even inform the DNS server of a client's new IP address, if the client and server both support dynamic DNS. Subnets without DHCP servers will often contain DHCP relays or IP helpers to communicate as a go-between for broadcast traffic until an address is fully assigned.

Know the types of records used in DNS. Understand the different types of DNS records and how they are used by the DNS servers and the network as a whole. A records are the most common and are used to resolve a hostname to an IP address. Other types of records are more specific, such as MX records for mail servers and AAAA records for IPv6.

Know the purpose of proxy and reverse proxy. Proxy and reverse proxy servers are used to deliver data on behalf of a user or other server. Proxy servers typically make a connection to the Internet on behalf of users in your organization while logging and caching the activity of the user. You can use reverse proxy servers to protect the identity of highly secure servers in your organization. Another less-secure server can obtain the data for a user and return it on behalf of the secure server.

Know the types of NAT and when each might be used. Network address translation (NAT) is the overall term that can actually be configured in many ways. Port address translation (PAT) provides for many-to-one two-way communication by using ports to differentiate communication of PAT clients. Source NAT (SNAT) only translates the source address of outgoing packets and does not provide any destination translation. Often used along with SNAT, destination NAT (DNAT) only translates the destination address of incoming packets and does not provide any source translation.

Know the uses of port forwarding. Port forwarding allows traffic to be identified by the destination port number and treated in a manner that is different from traffic not identified with that port number. This could allow traffic to bypass a firewall, enter a tunnel, and so on.


1.4 Explain the Characteristics and Benefits of Various WAN Technologies

Today's organizations use many different types of WAN technologies. Your decision to use one technology over another will largely depend on the properties each one offers and the advantages it may provide your organization. In the following sections, I'll discuss the characteristics and benefits of each of the main WAN technologies.

Fiber

Fiber-optic cable (fiber) is often used in network backbones to provide high bandwidth for fast, reliable communications. In addition, some companies, such as Verizon, are now offering fiber-optic cable connections to the user's desktop. This technology can deliver Internet speeds up to 150 Mbps, but the availability is currently quite limited. It uses an optical network terminal (ONT), which is provided by the vendor and generally offers wired and wireless connections. Some of the most common implementations of fiber include SONET, DWDM, and CWDM.

SONET

How about a protocol that will push data at 150 Gbps over fiber links and has to be controlled using atomic clocks? That's what Synchronous Optical Networking (SONET) can do. It's especially useful for networks that span multiple geographic regions because the atomic clock mechanism in it keeps everyone on the same exact millisecond. As you can imagine, this protocol requires expensive equipment and expertise. It is typically used by large communication providers and very large corporations as a transfer mechanism or backbone for data traffic. In regard to speeds, SONET generally provides an STS-1 link of 50 Mbps bandwidth and multiples thereof, whereas STS-3 provides about 150 Mbps bandwidth.

DWDM

Dense wavelength division multiplexing (DWDM) is an optical technology used to increase bandwidth even further over existing fiber-optic backbones. It works by combining and transmitting multiple signals simultaneously at different wavelengths on the same fiber. One fiber is essentially turned into multiple virtual fibers. Currently, because of DWDM, single fibers have been able to transmit data at speeds up to 400 Gbps.

CWDM

Coarse wavelength division multiplexing (CWDM) uses the same concept as DWDM and was actually succeeded by DWDM, but it's still used by some organizations, including cable TV companies. It allows them to extend their offerings without installing more fiber. Five hundred channels anyone?


Frame Relay

Organizations that have many locations across a wide geographic region and that want to connect each of those locations to each other have many options with today's communications networks. They could connect them all with dedicated lines. This could be very expensive, though, since they would need many dedicated lines. For example, if an organization had just five locations that it wanted to mesh fully with dedicated lines, it would require 10 dedicated lines.

Instead of using dedicated lines, another option available to organizations is to use a network of switches and special routers that spans the globe and can be connected to at any point. These lines take the information from a computer or other host and relay it to its final destination. This type of networking is referred to as frame relay because the Layer 2 frames are actually being relayed across the switches and special routers instead of being sent on dedicated lines. This has been an effective method of communication for many companies over the last 10 to 15 years, but it is gradually being phased out now because of even better communication options.

If you take a Cisco or other type of WAN-based class, you will no doubt learn the details, and a myriad of terminology, about frame relay. For the purposes of this course, you should just know that it is a method of using common (nondedicated) lines to communicate network traffic at Layer 2 (the Data-Link layer) so as to join two hosts within the same subnet. The Layer 2 address that it uses, referred to as a data link connection identifier (DLCI), is generally assigned by the service provider such as AT&T or Sprint. The guaranteed communication rate that the service provider agrees to is the committed information rate (CIR). Thus, the main reason that you might choose frame relay over dedicated lines is that you can get an acceptable CIR for your connections for much less money than you would pay to have dedicated lines for each one.

Satellite

Let's say that you live out in the countryside and don't have cable TV and Internet. If that's the case, then your best (and maybe only) option is a satellite hookup. You may also decide to use a satellite hookup because it is the most economical or dependable service in your area. In either case, you will need a dish antenna and a professional installer or instructions on how to find their satellite with your dish antenna.

It always makes me laugh when I hear someone say that they put the satellite in the backyard to get the TV signal. That's not the satellite. The satellite is in geostationary orbit high above the earth, and your little antenna is just going to pick up on its signal from space.

Once you have that, you can then use that signal as a download from the Internet. Now uploading is a bit trickier, since you probably won't have a high-powered transponder. Many satellite communications companies have provided the upload through your regular telephone line dialup connections. Some now provide a DSL line to give you more bandwidth for uploads. Others advertise a two-way satellite system that actually does send some signal back to the satellite from the antenna. These are typically more expensive and harder to install. Satellite communications companies offer data rates that rival those of their biggest competitors, cable and DSL.


Broadband Cable

Cable companies long ago jumped on the bandwagon to offer you a path to the Internet that begins with connecting your computer to a special cable modem. That modem is configured by the cable company to be recognized by its central office, also called the headend of the cable company. From there, the cable company becomes your Internet service provider (ISP), connecting you to the Internet.

Many small businesses and home users have chosen this option for their Internet connection. The advantages include the fact that most cable companies can provide tremendous bandwidth (30 Mbps and faster) downstream and acceptable bandwidth (over 1 Mbps) upstream. This is all most users and small businesses really need. A potential disadvantage is that you will share bandwidth with others who are in your immediate service area. This means that at peak times your performance could become degraded.

DSL/ADSL

Another inexpensive option for small companies and home users, which provides considerable bandwidth for an economical rate, is a digital subscriber line (DSL). The most common of these is the asymmetric digital subscriber line (ADSL). The reason this type of connection can be economical is that the lines it uses are already in place. They are your regular telephone lines. The service provider uses the regular telephone lines and special equipment that multiplexes the signal to provide tremendous bandwidth over that which dialup lines provide.

Now, as you may know, asymmetric means "not the same on both sides" or "not balanced." So, what is not balanced about an ADSL line? The bandwidth is not balanced; in fact, it's not even close. You may have noticed that service providers advertise ADSL using megabits per second for download speed but kilobits per second for upload speed. That's because the upload speed is so much slower that it wouldn't sound that great in megabits per second. For example, one popular carrier offers its base‐rate ADSL with a download speed of 10 Mbps and an upload speed of 512 Kbps. Sounds pretty good, doesn't it? Well, what if I offered it to you with 10 Mbps download and only 0.5 Mbps upload; how much would you buy then? As you can see, they are both the same, but many people don't catch this fact.

The upload speed of ADSL is generally about one‐twentieth of its download speed. The reason that most people buy it anyway is that they don't really care too much about the upload speed. Most of what they do that is bandwidth intensive is downloading, such as surfing the Internet, watching movies, and pulling down files. Now, if they were building a website or transferring large files to an FTP server, that would be a different story altogether. However, most people aren't doing that, so ADSL is fine for them.

For those who want a little more upload speed, a DSL service is available in some areas that provides a balance of upload and download speed. It is referred to as symmetric digital subscriber line (SDSL). Typically, you won't get the fastest download speed with this option, but that is not usually what you are after anyway. If you are considering this option, you are one of the few who really does put large files back onto the Web, such as when building a website or sending files to an FTP server. The additional upload speed will save you considerable time and headaches from watching that agonizingly slow progress indicator line, if you know what I mean!

At the time of this writing, many areas offered SDSL at rates of up to 3 Mbps but usually about 1.5 Mbps. You might recognize that as about the same as a T‐1, which offers 1.544 Mbps. This is no coincidence, since many small businesses consider SDSL a less‐expensive option that gives them essentially what a T‐1 would, especially if they are using the bandwidth in its entirety. Not all areas offer SDSL, but in many areas it can be used to provide bandwidth acceptable to a business and still save money vs. leasing a dedicated T‐1 line.

What if you want to have your cake and eat it too? In other words, what if you want very high bandwidth for both upstream and downstream so that you can watch your movies in HD and upload large files all at the same time? In that case, you will need very high bit‐rate digital subscriber line (VDSL). Currently, service providers are experimenting with new lines that will provide more than 100 Mbps (that's right, I said 100 Mbps) for both upstream and downstream simultaneously on regular telephone lines! As you might imagine, this is still an emerging technology, and you had better be prepared to pay for it, at least compared to what you pay now for ADSL or SDSL.

ISDN
This is one that I can't believe is still in the exam objectives! It's been so long since we used ISDN that it should just go away, and we shouldn't need to know the details anymore. Oh well, since it's listed on the objectives, I'll go over the most important aspects regarding ISDN BRI and ISDN PRI that you might need to know for the test, and very unlikely for real life.

ISDN BRI is a Layer 2 protocol that allows for two communication channels and one control channel. The communication channels are referred to as B (bearer) channels, and the control channel is referred to as a D (delta) channel. Each of the B channels can carry up to 64 Kbps of data (that used to be a lot), and the control channel can use 16 Kbps for signaling. ISDN BRI is sometimes referred to as 2B + D, but this is actually misleading because the B channels are really the only usable bandwidth for data. Thus, an ISDN BRI line can carry a whopping 128 Kbps of data! In other words, one T‐1 is the rough equivalent of 12 ISDN BRI lines. ISDN also employs all kinds of telephone company terminology that identifies the reference points and the devices, but the chance of you having to know that for this exam (or for real life anymore) is so remote that it hardly bears mentioning.

ISDN PRI came out a little later, and it's a very different story than ISDN BRI. An ISDN PRI link is almost the same as a T‐1 line in regard to its capacity to carry data. It consists of 23 B channels (each with 64 Kbps) and 1 D channel (also with 64 Kbps). A little quick math should tell you that a single ISDN PRI link will carry 1,472 Kbps of user data, which, as you can see, is very close to a T‐1.

So, why would a company choose an ISDN PRI link over a T‐1? Actually, it could come down to the availability in an area, the cost, the type of equipment that the company already owns, and the business rationale for the link. An ISDN PRI gives the customer 23 DS0s of usable bandwidth (the 24th timeslot carries the D channel), while a channelized T‐1 gives 24. In neither case do you get the full 1.544 Mbps for your own data, because 8 Kbps of it is framing, but you should still know that number for the exam. Some equipment has ISDN PRI interfaces built in, which allow flexible control of the 23 B channels, so a company can use them for special needs such as videoconferences or network‐based meetings. ISDN PRI also employs a myriad of telephone company jargon that, thankfully, you will not need to know. Just know that it's 23B + D and that all channels are 64 Kbps DS0s, and you will be fine.

ISDN BRI: Then and Now

In the early 1990s, when ISDN BRI was just coming out, I was working at Sprint in Florida. We used to joke that ISDN stood for either "It Still Does Nothing" or "I Still Don't kNow." Sprint wanted about 90 bucks a month for it so that you could combine your Internet service with your telephone services. The problem was that most people at that time were saying, "What's an Internet?" You see, the Internet at that point was accessible only by text commands and usually only through a university or a large corporation. It wasn't all that exciting then, except for a few of us geeks.

By the mid‐1990s, though, with the ushering in of the World Wide Web and hypertext browsing, everything had changed. We sold a lot of ISDN BRI during that time until the newer technologies of ADSL and cable modem Internet took its place. Then we still sold it as backup lines to companies that were leasing a T‐1 or a T‐3. It was no longer an expensive add‐on by that time. Now ISDN BRI is all but gone, but you still need to know the historical information covered in this chapter for the exam.

ATM
I like to joke that ATM is a technology that allows you to take money out of your bank! Actually, ATM does not stand for "automated teller machine" (at least in this case) but for asynchronous transfer mode. Unfortunately, knowing what the acronym means still doesn't tell you much about what this protocol does. In essence, it's a protocol that was developed after Ethernet, and it moves data in small fixed‐size cells, which makes switching and delay far more predictable than Ethernet's variable‐length frames.

ATM was developed in the mid‐1980s to be used for voice, data, and video applications. We needed a protocol that could carry movies and sound for training and for fun with predictable delay. It uses a fixed‐length cell of 53 bytes (5 bytes of header, 48 bytes of payload) rather than the variable‐length frames that are used by Ethernet. Fixed‐size cells let switches forward in hardware with a known per‐hop delay; the trade‐off is that every packet has to be segmented into cells at the sender and reassembled at the receiver, and each 48‐byte payload carries 5 bytes of header. The original ATM technology was already much faster than the Ethernet of its day, running at 155 and 622 Mbps (OC3 and OC12 rates). It's now even faster and is being used by some telecommunication and Internet providers as a backbone or core layer. ATM, like every other technology, will eventually be replaced by faster successors.
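To make the fixed‐cell idea concrete, here is an added example (not code from this book) that segments a packet into 53‐byte ATM cells using AAL5 (ITU‐T I.363.5) and reassembles it on the receiving side, then computes the "cell tax" for a few packet sizes. The payload bytes, the VPI/VCI values and the use of zlib for the CRC‐32 are choices made for this example; the header layout, HEC polynomial and AAL5 trailer follow the standards.

```python
"""Segmenting a packet into 53-byte ATM cells with AAL5 (added example,
not from the Network+ book).

Every cell is 5 bytes of header plus 48 bytes of payload. AAL5 pads the
packet and appends an 8-byte trailer so the whole thing divides evenly
into 48-byte pieces; the last cell of a packet is marked in the PTI field.
Payload, VPI/VCI values and the use of zlib for the CRC-32 are choices
made for this example.
"""
import struct
import zlib

CELL_SIZE, HDR_SIZE, PAYLOAD_SIZE = 53, 5, 48
TRAILER_SIZE = 8  # CPCS-UU(1) CPI(1) Length(2) CRC-32(4)


def hec(first4):
    """Header Error Control: CRC-8, polynomial x^8+x^2+x+1 (0x07), XOR 0x55."""
    crc = 0
    for byte in first4:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc ^ 0x55


def cell_header(vpi, vci, pti, clp=0):
    """UNI cell header: GFC(4)=0 VPI(8) VCI(16) PTI(3) CLP(1) HEC(8)."""
    if not (0 <= vpi < 256 and 0 <= vci < 65536 and 0 <= pti < 8 and clp in (0, 1)):
        raise ValueError("header field out of range")
    first4 = ((vpi << 20) | (vci << 4) | (pti << 1) | clp).to_bytes(4, "big")
    return first4 + bytes([hec(first4)])


def aal5_cpcs_pdu(payload):
    """payload + zero pad + trailer, totalling a multiple of 48 bytes. The CRC-32
    uses the same generator polynomial as Ethernet, so zlib.crc32 serves here."""
    pad_len = (-(len(payload) + TRAILER_SIZE)) % PAYLOAD_SIZE
    body = payload + b"\x00" * pad_len + struct.pack("!BBH", 0, 0, len(payload))
    return body + struct.pack("!I", zlib.crc32(body) & 0xFFFFFFFF)


def segment(payload, vpi, vci):
    """Chop the CPCS-PDU into cells; PTI bit 0 (AUU) = 1 marks the last cell."""
    pdu = aal5_cpcs_pdu(payload)
    chunks = [pdu[i:i + PAYLOAD_SIZE] for i in range(0, len(pdu), PAYLOAD_SIZE)]
    return [cell_header(vpi, vci, pti=1 if i == len(chunks) - 1 else 0) + chunk
            for i, chunk in enumerate(chunks)]


def reassemble(cells):
    """Receiver: concatenate payloads, verify the CRC-32, strip pad and trailer.
    Raises ValueError on a corrupted or truncated PDU."""
    if not cells or not (cells[-1][3] & 0x02):
        raise ValueError("last cell not marked (AUU=0): PDU incomplete")
    pdu = b"".join(c[HDR_SIZE:] for c in cells)
    body, crc = pdu[:-4], struct.unpack("!I", pdu[-4:])[0]
    if zlib.crc32(body) & 0xFFFFFFFF != crc:
        raise ValueError("AAL5 CRC mismatch")
    length = struct.unpack("!H", body[-2:])[0]
    return body[:length]


def efficiency(payload_len):
    """Fraction of bits on the wire that are user data (the 'cell tax')."""
    return payload_len / (len(segment(b"x" * payload_len, 0, 32)) * CELL_SIZE)


if __name__ == "__main__":
    pkt = b"GET /index.html HTTP/1.0\r\n\r\n"      # constructed payload
    cells = segment(pkt, vpi=0, vci=100)
    print(len(cells), "cell(s); round trip ok:", reassemble(cells) == pkt)
    for n in (40, 64, 1500):
        print(f"{n:5d}-byte packet: {efficiency(n):.1%} of wire bits are data")
```

Run it and you will see a 1500‐byte packet lands in 32 cells at about 88% efficiency, while a 64‐byte packet needs two cells and wastes almost 40% of the line; the gain from fixed cells is predictability, not bits per second.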


PPP/Multilink PPP
Point‐to‐Point Protocol (PPP) is the standard remote access protocol used today. It provides authentication mechanisms, error checking, and multiple protocol support. You can choose from among several authentication options, including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Extensible Authentication Protocol (EAP). PAP sends the password in cleartext and should be avoided where anything better is available; CHAP proves knowledge of the shared secret without ever sending it, and EAP lets you plug in stronger methods such as certificates. (I will discuss each of these protocols in greater detail in Chapter 3.)

PPP establishes a session with this three‐step process:

1. Framing rules are established between the client and the server. These include the size of the frames allowed as well as the data rates that can be used.

2. The client is authenticated by the server using the configured authentication protocol.

3. Network control protocols (NCPs) configure the remote client for the correct LAN protocols, TCP/IP, and so on.

After these three steps are successfully completed, the server and client can begin to exchange data.
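As an added example (not code from this book), the following Python models step 2 above for two of the options named: a PAP Authenticate‐Request (RFC 1334), which carries the password in the clear, and the CHAP Challenge/Response exchange (RFC 1994), in which the peer returns MD5(identifier || secret || challenge) and the authenticator recomputes it. The peer names, shared secret and challenge value are constructed for the example.

```python
"""PAP vs CHAP on a PPP link (added example, not from the Network+ book).

PAP (RFC 1334) ships the peer-id and password in the clear in its
Authenticate-Request. CHAP (RFC 1994) never sends the secret: the
authenticator sends a random challenge, the peer answers with
MD5(identifier || secret || challenge), and the authenticator recomputes
the same hash to verify. Names, secret and challenge value are constructed.
"""
import hashlib
import hmac
import os
import struct

PAP_AUTH_REQUEST = 1
CHAP_CHALLENGE, CHAP_RESPONSE = 1, 2


def pap_authenticate_request(ident, peer_id, password):
    """PAP Authenticate-Request: Code(1) Id(1) Length(2)
    Peer-ID-Length(1) Peer-ID Passwd-Length(1) Password."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_AUTH_REQUEST, ident, 4 + len(body)) + body


def chap_challenge(ident, name, value=None):
    """CHAP Challenge: Code(1) Id(1) Length(2) Value-Size(1) Value Name.
    The value defaults to 16 random octets, as a real authenticator uses."""
    if value is None:
        value = os.urandom(16)
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", CHAP_CHALLENGE, ident, 4 + len(body)) + body


def chap_digest(ident, secret, challenge_value):
    """MD5-CHAP digest over the one-octet Identifier, the secret and the
    challenge value, concatenated in that order (RFC 1994 section 4.1)."""
    return hashlib.md5(bytes([ident]) + secret + challenge_value).digest()


def chap_response(ident, secret, challenge_pkt, name):
    """Peer side: parse the Challenge and answer with the digest, never the secret."""
    code, pkt_id, _length = struct.unpack("!BBH", challenge_pkt[:4])
    if code != CHAP_CHALLENGE or pkt_id != ident:
        raise ValueError("not the challenge we were expecting")
    vsize = challenge_pkt[4]
    digest = chap_digest(ident, secret, challenge_pkt[5:5 + vsize])
    body = bytes([len(digest)]) + digest + name
    return struct.pack("!BBH", CHAP_RESPONSE, ident, 4 + len(body)) + body


def chap_verify(secrets, challenge_pkt, response_pkt):
    """Authenticator side: the Response must answer this Challenge's Identifier;
    look up the secret by the Name field, recompute the digest, compare in
    constant time so a sniffer cannot learn how many bytes matched."""
    if response_pkt[0] != CHAP_RESPONSE or response_pkt[1] != challenge_pkt[1]:
        return False
    ident = response_pkt[1]
    vsize = challenge_pkt[4]
    challenge_value = challenge_pkt[5:5 + vsize]
    rsize = response_pkt[4]
    received = response_pkt[5:5 + rsize]
    name = response_pkt[5 + rsize:]
    secret = secrets.get(name)
    if secret is None:
        return False
    return hmac.compare_digest(chap_digest(ident, secret, challenge_value), received)


def password_visible_on_wire(pkt, password):
    """What a sniffer on the serial link sees: True for PAP, False for CHAP."""
    return password in pkt


if __name__ == "__main__":
    secret = b"s3cret-dialin"                  # constructed shared secret
    secrets_db = {b"branch-rtr": secret}       # constructed authenticator database

    pap = pap_authenticate_request(1, b"branch-rtr", secret)
    print("PAP exposes the password:", password_visible_on_wire(pap, secret))

    chal = chap_challenge(7, b"hq-ras")
    resp = chap_response(7, secret, chal, b"branch-rtr")
    print("CHAP exposes the password:", password_visible_on_wire(resp, secret))
    print("CHAP verified, right secret:", chap_verify(secrets_db, chal, resp))
    print("CHAP verified, wrong secret:",
          chap_verify({b"branch-rtr": b"wrong"}, chal, resp))
```

Note that CHAP still needs the authenticator to hold the cleartext secret (it has to recompute the MD5), and a captured challenge/response pair can be attacked offline by guessing; that is why the stronger EAP methods exist.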

At this point, if multiple physical lines are being used, multilink PPP can be used to number the frames being sent so they can be spread across the physical connections and sorted out at the destination. This can improve the throughput of the connection. For example, two telephone lines or router interfaces can be used instead of just one for the same communication.

MPLS
Multiprotocol Label Switching (MPLS) is a mechanism used to create a logical network topology with no dependence on a specific underlying protocol. Instead, it uses labels to make forwarding decisions on packets and thereby offers you a tremendous amount of flexibility in regard to network planning and prioritization of traffic. For example, you could decide to give a specific customer's traffic a higher priority through your network, just because that customer adds more to your bottom line than other customers do. The specific configuration of MPLS is beyond the scope of this book.
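Here is an added example (not code from this book) of what "forwarding on labels" means in code. It packs and parses the 4‐byte MPLS shim header of RFC 3032 (20‐bit label, 3‐bit traffic class, bottom‐of‐stack bit, 8‐bit TTL) and pushes a packet through a minimal label‐switching router whose forwarding table is keyed only on the incoming label, so the payload bytes are never inspected. The label values, interface names and payload are constructed.

```python
"""MPLS label forwarding (added example, not from the Network+ book).

Packs and parses the 4-byte MPLS shim header of RFC 3032 (Label 20 bits,
Traffic Class 3 bits, Bottom-of-Stack 1 bit, TTL 8 bits) and runs packets
through a minimal label-switching router (LSR) whose LFIB is keyed only on
the incoming label. The payload is opaque: the LSR never looks at it.
Labels, interface names and the payload are constructed.
"""
import struct
from typing import List, NamedTuple, Tuple


class Shim(NamedTuple):
    label: int
    tc: int      # traffic class, used for per-customer priority
    bos: bool    # bottom of stack
    ttl: int


def pack_shim(s: Shim) -> bytes:
    if not (0 <= s.label < (1 << 20) and 0 <= s.tc < 8 and 0 <= s.ttl < 256):
        raise ValueError("shim field out of range")
    return struct.pack("!I", (s.label << 12) | (s.tc << 9) | (int(s.bos) << 8) | s.ttl)


def unpack_shim(b: bytes) -> Shim:
    w = struct.unpack("!I", b[:4])[0]
    return Shim(w >> 12, (w >> 9) & 0x7, bool((w >> 8) & 1), w & 0xFF)


def encode(stack: List[Shim], payload: bytes) -> bytes:
    """Serialize a label stack (top first) over the payload; BoS set on the last."""
    out = b"".join(pack_shim(s._replace(bos=(i == len(stack) - 1)))
                   for i, s in enumerate(stack))
    return out + payload


def decode(data: bytes) -> Tuple[List[Shim], bytes]:
    """Read shims until the bottom-of-stack bit; whatever follows is payload."""
    stack, off = [], 0
    while True:
        s = unpack_shim(data[off:off + 4])
        stack.append(s)
        off += 4
        if s.bos:
            return stack, data[off:]


def ingress_push(payload: bytes, label: int, tc: int = 0, ttl: int = 255) -> bytes:
    """Ingress LER: impose a label, choosing TC by policy (e.g. per customer)."""
    return encode([Shim(label, tc, True, ttl)], payload)


def lsr_forward(lfib: dict, data: bytes) -> Tuple[object, bytes]:
    """Core LSR: one lookup on the top label. LFIB entries are
    (action, out_label, out_interface) with action 'swap' or 'pop'.
    Returns (out_interface, bytes), or (None, b'') when the packet is dropped."""
    stack, payload = decode(data)
    top, rest = stack[0], stack[1:]
    if top.ttl <= 1:
        return None, b""                         # TTL expired
    entry = lfib.get(top.label)
    if entry is None:
        return None, b""                         # no entry: drop, don't guess
    action, out_label, out_if = entry
    if action == "swap":
        new_top = top._replace(label=out_label, ttl=top.ttl - 1)
        return out_if, encode([new_top] + rest, payload)
    if action == "pop":
        if rest:                                 # propagate TTL to the exposed label
            rest[0] = rest[0]._replace(ttl=top.ttl - 1)
            return out_if, encode(rest, payload)
        return out_if, payload                   # stack gone: egress does an IP lookup
    raise ValueError(f"unknown LFIB action {action!r}")


if __name__ == "__main__":
    ip_packet = bytes.fromhex("4500001400010000400100000a0000010a000002")  # constructed
    pkt = ingress_push(ip_packet, label=1001, tc=5)                         # "gold" customer
    p_lfib = {1001: ("swap", 2002, "ge-0/0/1")}                             # core LSR
    pe_lfib = {2002: ("pop", None, "ge-0/0/2")}                             # egress LER
    out_if, pkt = lsr_forward(p_lfib, pkt)
    print(out_if, decode(pkt)[0])
    out_if, pkt = lsr_forward(pe_lfib, pkt)
    print(out_if, pkt == ip_packet)
```

The TC field is where the "higher priority for a specific customer" decision lives: the ingress router sets it once, and every LSR on the path can queue on it without knowing whether the payload is IPv4, IPv6 or an Ethernet frame.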

GSM/CDMA
One morning, when I got to my office computer, the Internet was down. I quickly determined that everything was connected and even tried a restart of my cable modem, but to no avail. I called the provider, who said that they were aware of a problem in my area and would have it fixed within a couple of hours. Hours! Without Internet? I have a business to run, you know!

Fortunately, I also have a wireless card that fits into any USB port on a computer and then connects to my cellular provider. Mine gives me 7.2 Mbps download speed, which is fast enough for a backup line. Because of it, I was able to conduct business rather normally that morning while my primary provider got their issue solved.


The latest 4G technology of these cards can operate at speeds up to 100 Mbps, so these types of cards can be used for primary Internet as well as backup lines. There are even some now that allow you to set up your own network and allow a few other users to connect as well. There are two competing standards, Global System for Mobile communications (GSM) and Code‐Division Multiple Access (CDMA). Whether you end up using one or the other of the standards, or even a hybrid of the two, will be determined by the cellular vendor that you choose. Variants of these services include LTE/4G, HSPA+, 3G, and Edge.

LTE/4G
A new generation of cellular standards has appeared about every 10 years since the first generation (1G) was introduced in 1981. Long‐Term Evolution (LTE) fourth‐generation (4G) is the latest wireless communication standard for high‐speed data used by mobile phones, iPads, Androids, cellular data terminals, and so on. It provides peak downlink rates of 300 Mbps and uplink of about 75 Mbps. This allows users to check their email and browse the Web with ease on their iPhone, iPad, Android, or other smart device.

HSPA+
High‐Speed Packet Access preceded LTE for wireless networks and accompanies the third‐generation (3G) products. It is capable of speeds up to 168 Mbps down and about 22 Mbps up. For some users this is enough for what they need. It is still used with legacy 3G phones and devices.

3G
Going backward now, the original third‐generation (3G) wireless communication was a breakthrough that made it plausible for users to have and use a smartphone, although data speeds were often less than one‐tenth of what we enjoy today.

Edge
Enhanced Data Rates for GSM Evolution (Edge) (Aren't these acronyms fun!) is a 2G standard that is backward compatible with the newer standards but doesn't support the bandwidth that they do. It's what you might see on your phone display when you are out of town or out of the country. It means that you might be able to check your email, but you aren't going to watch ESPN live. It boasts peak rates of about 1 Mbps but usually only delivers about half of that. It will make you glad that you have 3G or 4G most of the time!

Dialup
Also called plain old telephone service (POTS) or public switched telephone network (PSTN), dialup service offers agonizingly slow (in today's terms) 56 Kbps lines.

POTS is a term that telephone company employees assigned to those public switched lines when newer and more sophisticated links such as ISDN, T‐1, T‐3, and the like began to emerge. The point was that the normal modem‐based dialup communications ran on the same lines that everyone had been talking on for almost 100 years! What you should know about dialup are the advantages (yes, there are some) and disadvantages of it vs. the newer technologies that I've covered.

The main advantages of dialup are availability and cost. It is still widely available, although many people have decided to do away with regular telephone lines in favor of other options such as cellular. However, it is still available and at a relatively low cost when compared to other services. It is sometimes used in business as a backup management connection for a router, switch, or computer. If you do keep a modem on a management port, remember that anyone who dials the number reaches it; protect it with authentication and callback, because unguarded dial‐in modems were a classic way into networks long before the Internet was.

As you may have guessed, the major disadvantage of dialup lines is that they do not support the bandwidth that we need in order to do all of the fancy stuff that we want to do on our computers today, such as download movies and large files, surf multiple websites at the same time, and hold videoconferences with our peers. Still, some people in the world hear those screeching tones of the modem handshake when they dial up to their ISP today.

WiMAX
Worldwide Interoperability for Microwave Access (WiMAX) is a telecommunications protocol that is sometimes referred to as Wi‐Fi on steroids. It can be used for a number of applications including broadband connections, but it can also permit usage at much greater distances than Wi‐Fi. On a larger scale, such as for an entire community or even a small country, WiMAX is much more cost effective. Identified by the IEEE 802.16 standard, it is being used for last‐mile connectivity options rather than using cable or DSL. The subscriber uses a WiMAX card that connects to their computer, usually in a USB port. Originally, a few years ago, WiMAX could deliver speeds up to 40 Mbps, but it can now deliver speeds up to 1 Gbps. That's quite an increase in such a short amount of time!

Metro‐Ethernet
Whereas Ethernet is generally associated with local area network (LAN) connections, many service providers now offer an extension of your Ethernet connections into a metro area network (MAN) or even into a wide area network (WAN). The advantages that this type of service offers include ease of use and configuration, cost‐effectiveness, and flexibility. The details of these offerings are beyond the scope of this text.

Leased Lines
Most WAN connections are provided by a communications company referred to as a service provider. One of the main differences between a WAN and a LAN is that you generally don't own all the connections on a WAN, unless you are the service provider. Instead, you pay the service provider to use connections that you don't own. These connections are referred to as leased lines.

The types of network connections you will encounter in a WAN environment are very different from the connections you are used to in a LAN environment. Most network connection types have evolved over time, offering the right properties to connect a company's computers based on the needs of the company for its connections. I'll discuss WAN connection types such as T‐1/E‐1, T‐3/E‐3, OC3, and OC12 here.

T‐1/E‐1
Let's say your company has one location in New York and another in San Diego. For your communications, you would like to have a cable that connects the two locations. You could get a very big truck and a whole lot of cable and just start driving cross‐country, carefully spooling out the cable and telling everyone not to bother it. Of course, it still wouldn't work when you got to the end because of the attenuation of copper wire, but that's another story!

This ridiculous example will help you see what service providers have done for you. In essence, they have already rolled out that cable, but they require payment to let you connect to both ends of it. Once you do, that's your connection, and nobody else is on it. The service provider will generally condition the line from time to time, testing it and making sure you are getting what you are paying for, but you will be the only one authorized to use it to communicate. Sometimes this division is only logical, but often it is physical as well; in other words, it's your wire and only your wire at many points. Cool, huh? Dedicated does not mean confidential, though: the carrier, and anyone with access to its facilities, can see the traffic, so sensitive data on a leased line still belongs inside IPsec or another encryption layer.

The most common of these types of connections in the United States has been the T‐1. In Europe, they use a very similar connection called an E‐1. A T‐1 provides 1.544 Mbps of dedicated bandwidth for the customer. This bandwidth can be used in total or divided up into as many as 24 channels, called DS0s, which are each 64 Kbps (24 × 64 Kbps = 1.536 Mbps; the remaining 8 Kbps is framing). An E‐1 is very similar but offers 32 timeslots instead of 24 for a total of 2.048 Mbps; timeslot 0 carries framing and timeslot 16 is usually reserved for signaling, leaving 30 for data. The customer's equipment attaches to the line through a device called a CSU/DSU, which gives the customer (you) many options in regard to the dispensation of the bandwidth to network resources. The cost of a T‐1 or an E‐1 varies based on the connection points you choose, but it's safe to say you would pay between $500 and $1,000 a month for one T‐1 line in most locations today. This is why an organization will consider other options before spending the money on a dedicated T‐1 connection. I should also mention that a T‐1 is not (by far) the most expensive connection type you can choose.

T‐3/E‐3
Caution, the next couple of options are big bucks! What if you wanted a line like a T‐1 but much, much larger? Some large companies require high‐bandwidth, dedicated connections from one office or datacenter to another. One way to accomplish this is by using a T‐3 line in the United States or an E‐3 line in Europe and much of the rest of the world. This type of line provides a tremendous amount of usable bandwidth that can be divided to fit an organization's needs. A T‐3 provides for 672 DS0s, or the equivalent of 28 T‐1s, at 44.736 Mbps! It is sometimes also referred to as a DS3. An E‐3 provides the equivalent of 16 E‐1s (512 timeslots) at 34.368 Mbps.

OC3/12/x
If you thought those were fast, you ain't seen nothin' yet! In the term OCx, the OC stands for "optical carrier," and the x indicates the relative speed of the link. Well, the x just keeps getting bigger and bigger. The original speed of an OC trunk was 51.84 Mbps, and it was called an OC1. OC3 quickly followed at 155.52 Mbps, three times OC1. As you can calculate for yourself, OC12 delivers 622.08 Mbps. The fastest proposed standard at the time of this writing is OC‐7144F, which will offer a mind‐blowing data rate of 300 Gbps, that's with a G! As you might imagine, only very large companies have the need (or the money) for these options.

Circuit Switch vs. Packet Switch
Now that we've looked at the latest types of communication, let's take another quick look at some of the most mundane. For example, normal telephone lines still use circuit switch technology. In contrast, older technologies such as X.25 and frame relay were packet switched. In this section, I will discuss the difference between these two approaches.

Circuit Switch
The properties of WAN technology types are a description of the events that happen and/or the attributes of the communication. In the case of circuit switch, we are back to our dialup lines. Once you establish a connection on a circuit‐switched network, the entire conversation or line of data traffic is sent over those same physical connections until you terminate the connection. If you were to establish a new connection to the same place, you would likely get a very different set of connections that would also complete your call.

Packet Switch
Packet switch networks are very different from circuit switch ones in that each data packet might take a different route to its final destination during the same transmission. The original packet switch network, called X.25, was developed to overcome the challenge of sending reliable communications through an inherently unreliable medium. The unreliable medium at that time was, you guessed it, Ma Bell!

A computer modem's screeching must have sounded very different to those original telephone company switches than the voice of Alexander Graham Bell saying, "Come here, Watson, I need you." If one switch wasn't getting the job done, X.25 would just take a different path automatically. However, because of the extensive error checking built into X.25 at every hop, it was inherently very reliable, and very slow!

The newer packet switch networks include some that I've already discussed in this chapter, such as frame relay. These networks use virtual circuits that are set up before data flows, so every frame of a conversation follows the same path, and they leave error recovery to the end systems rather than checking at every hop as X.25 did. This makes for fast and reliable data flow.

Exam Essentials

Know the main technologies used on fiber. SONET is a fiber standard that uses an atomic clock as part of its timing mechanism and can push data at speeds up to 150 Gbps over fiber‐optic links. DWDM and CWDM expand the capabilities of a current fiber installation by sending multiple signals at the same time on the same fiber strand, each on its own wavelength of light (DWDM packs the wavelengths more densely than CWDM).

Know the various technologies used to send data on a WAN. Frame relay is a packet‐switching type of network that saved many companies money in its prime but is becoming (or has become) obsolete in most areas today. Satellite communications require the user to have a dish antenna that is installed so as to receive the signal from the satellite, without violating the homeowners association agreements! Broadband cable uses the same wire that brings your 200+ channels to also provide your Internet; amazing! DSL/ADSL provide Internet access using the same wires that your landline phone uses, even at the same time. ISDN was once used as a higher‐bandwidth alternative to normal telephone lines but is now mostly legacy and only used for some backup management lines. ATM was first used for voice, data, and video lines. It offered 10 times what could be obtained over telephone lines but has since been replaced by even faster alternatives. PPP is one of the standards for serial point‐to‐point communication lines today. It offers error‐checking and authentication mechanisms. MPLS is a standard that can be used on WAN and LAN lines and allows you to categorize and prioritize traffic in any way you choose, regardless of its protocol.

Know the various technologies used as cellular communication standards. GSM/CDMA is the overall standard. There have been many improvements since the original standard in 1981. LTE/4G has the highest bandwidth capability and is the must‐have for all teenagers and kids of every age! HSPA+ is used with 3G and is not as fast as 4G, but you can still search the Internet if you're patient. Edge is to be used only when something has gone terribly wrong and you can't get a signal from 3G or 4G networks. You won't be surfing the Web with this one!

Know the various technologies that can be used on public communications lines. Dialup is the first standard that most of us know. It offers a blazing 56 Kbps connection (supposedly). It is rare that you see anyone using it today, with the exception of some backup management lines that are command‐line driven. WiMAX is the other end of the spectrum from dialup. It offers a Wi‐Fi type connection for an entire community but with more bandwidth than is generally provided with Wi‐Fi. It has been called Wi‐Fi on steroids!

Know the various types of leased lines. T‐1/E‐1 used to mean something big, but now they are relatively small at about 1.5 to 2 Mbps. T‐3/E‐3 lines offer 16 to 28 times the bandwidth and flexibility of T‐1/E‐1 (16 E‐1s in an E‐3, 28 T‐1s in a T‐3) and are still used by many organizations today. OCx leased lines are not for the common user because they are very expensive and promise insane data rates of over 300 Gbps on a WAN! The x denotes the speed, with OC1 being 51.84 Mbps, OC3 being 155.52 Mbps, and so on.

Know the difference between circuit switch and packet switch networks. A typical circuit switch network is your landline phone. If you make a call and stay on it, all communication will continue on that line as long as you talk. When you hang up, the communication line will terminate. If you were to call the same number again, you would get a different line of communication than before, even to the same end destination.

On the other hand, packet switch networks will send the same communication from source to destination using multiple communication lines. This increases the throughput and potentially the reliability of the communication. Typical examples of packet switch communication include frame relay and legacy X.25.

1.5 Install and Properly Terminate Various Cable Types and Connectors Using Appropriate Tools

The cables and connectors that you use to join network components have evolved over time and continue to evolve. Some connectors have superseded others because of their durability or ease of use. In this section, I will discuss the most common connectors and cables in use today. I will divide the discussion into categories including copper connectors and cables, fiber connectors and cables, media converters, and the tools that you can use to install them.

Copper Connectors
Copper connectors are not necessarily made of copper but instead derive their name from the cable to which they will be connected. There have been many different types of copper connectors over the last 20 years. Some have stood the test of time, whereas others are rarely seen anymore, but you might still have to know about them for the exam. In this section, I will discuss the most common types of copper connectors and their general use.

RJ‐11
Chances are very good that you have held an RJ‐11 connector in your hand, since they are used on all the telephone connections in the United States and most other countries. They can contain and connect two pairs of wires. In regard to computers, you are most likely to use an RJ‐11 connector when you attach a modem to a telephone line in the unlikely event you are still using a dial‐up connection. I know there are still some out there somewhere! Figure 1.9 shows an RJ‐11 connector and jack.

F I GU R E  1. 9 An RJ‐11 connector


RJ‐45
The RJ‐45 connector is the most common of all network connectors. It is used to connect network interface cards (NICs) to hubs and/or switches. RJ‐45s can also be used to connect network devices for communication as well as control. The RJ‐45 connector can contain and connect four pairs of wires, although 10BASE‐T and 100BASE‐TX use only two of them; Gigabit Ethernet uses all four. Figure 1.10 shows an RJ‐45 connector.

F I GU R E  1.10 An RJ‐45 connector

RJ‐48C
The RJ‐48C is another registered jack that is used for T‐1 lines. It uses different wire pairs than those used by the RJ‐45 jack. I will discuss wire pairs later in Chapter 4.

DB‐9/RS‐232
The DB‐9 or recommended standard 232 (RS‐232) was a cable standard commonly used for serial data signals connecting data terminal equipment to data communications equipment, such as when connecting a computer's serial port to an external modem. As you can imagine, it is used much less frequently today than it was in the past. It is, however, still how you reach the console port of most routers and switches, which means physical access to that port is effectively administrative access to the device. You should be able to recognize a DB‐9 female connector as one that might be used in an RS‐232 connection. These types of connections are being superseded in today's networks by more modern connectors such as USB. Figure 1.11 shows an RS‐232 connector.

F I GU R E  1.11 A DB‐9 (RS‐232) connector


DB‐25
The DB‐25 connector is so named because it has 25 pins that can be used. Chances are good that not all of these will be used in any configuration in which this connector is placed. DB‐25 connectors have been used over the years for everything from modems to printers. They have also been configured for serial communication as well as for parallel communication. They are considered legacy now and you are not likely to see them in use. Figure 1.12 shows a DB‐25 connector.

Figure 1.12 A DB‐25 connector

UTP Coupler
A universal twisted pair (UTP) coupler sounds a lot fancier than it really is. It’s just a small plastic box that has two female RJ‐45 or RJ‐11 ports on either side of it. It can be used to extend the length of a cable by adding another cable to it. This is generally considered a one‐off type of connection, because best practices would generally dictate a new cable of the proper length. Figure 1.13 shows a UTP coupler.

Figure 1.13 A UTP coupler


BNC Coupler
A BNC coupler is the same idea as a UTP coupler, but it’s used to extend the length of a coaxial cable. It also consists of two female connectors, one on each end. Since coaxial cables are rarely used for general networking in today’s networks, you are most likely to see these used with other types of connections, such as security cameras. Figure 1.14 shows a BNC coupler.

Figure 1.14 A BNC coupler

BNC
While we’re at it, we may as well describe a BNC connector. Although this type of coaxial connector is rarely used in today’s networks, it is still listed as an item to recognize for the exam. The BNC connector is pushed in and then locked onto the connection to hold it securely in place while connecting the core wire. See Figure 1.15.

Figure 1.15 A BNC connector

F‐connector
The F‐connector (Figure 1.16) is a coaxial type connector that is commonly used with cable TV and cable modems. It will most likely be attached to an RG‐6 or RG‐59 (in older installations) cable and will provide a solid connection to facilitate the carrying of data or television signal.

Figure 1.16 An F‐connector


110 Block
A newer type of wiring distribution point, called a 110 block, has replaced most 66 block telephone wire installations and is also being used for computer networking. On one side of it, wires are punched down, while the other side has RJ‐11 (for phone) or RJ‐45 (for network) connections. The 110 blocks come in sizes from 25 to more than 500 wire pairs. Some are capable of carrying 1 Gbps connections when used with CAT6 cables. Figure 1.17 shows a 110 block.

Figure 1.17 A 110 block wire connector

66 Block
The now‐ancient 66 block wiring distribution point was the telephone company’s standard for terminating sets of telephone wires with the use of a punch down tool. Contrary to their name, they were actually manufactured in multiple sizes to accommodate the size of the business telephone line system. They were really strictly for analog voice communications and have therefore been replaced by more modern hardware, such as the 110 block.

Copper Cables
As networking has evolved, the types of cable and their properties have dramatically changed. We have moved from using cables made only from copper wire to also using cables made from glass fibers. In this section, I will discuss your options in regard to copper cables. Some of these are still in use today, while others have been superseded and are ancient history.

Shielded vs. Unshielded
Unshielded twisted‐pair (UTP) cable is the most common type of cable in use today. UTP is used most often because it is far easier to install than STP (which I will discuss next). It is commonly used in the access and distribution areas of a network. The only protection from electrical interference provided by UTP is that the pairs of wires within the cable are twisted, which is usually enough. Figure 1.18 shows a UTP cable.

Figure 1.18 A UTP cable

Shielded twisted‐pair (STP) resembles UTP except that it includes a foil shield that covers the wires and adds another layer of protection against outside magnetic interference. For this protection to be effective, the connections have to be properly grounded. This adds to the complexity of installations, so most organizations have opted to use fiber‐optic cable instead of STP when electromagnetic interference is a problem. Figure 1.19 shows an STP cable.

Figure 1.19 An STP cable

CAT3, 5, 5e, 6, and 6a
The category of a twisted‐pair cable indicates the tightness of the twist applied to the wire pairs in the cable. The twist in wire pairs prevents an electrical interference called crosstalk from affecting the communication. Crosstalk occurs when a signal bleeds over from one wire to another (even through the insulation of the wire). The tighter the twist, the faster you can transmit information through a cable without suffering from crosstalk. Table 1.1 shows the maximum speed of the main cable categories. Category 5e (enhanced) is the cable type that is currently recommended as a minimum for all new installations.


Table 1.1 Cable categories and speeds

Category        Maximum speed
Category 3      10 Mbps
Category 5      100 Mbps
Category 5e     1000 Mbps
Category 6      1000 Mbps
Category 6a     1000 Mbps

You may have noticed that Categories 5e, 6, and 6a all have the same maximum speed, so why would you choose one over another? For one thing, compared with Category 5e, Categories 6 and 6a have more stringent specifications regarding crosstalk and noise. They also require a slightly modified RJ‐45 connector to meet the specification and hold the tighter twist.

PVC vs. Plenum
The difference between PVC and plenum cable involves how each is constructed and where it is authorized for use. Many large multistory buildings are designed to circulate air through the spaces between the ceiling of one story and the floor of the next. This area in between floors is referred to as the plenum. It is generally perfect for running cables to connect the many computers in the building.

However, in the event of a fire, the cables in the plenum can become a serious hazard in two ways. First, their insulation can give off poisonous smoke that would then be circulated throughout the building. Second, they can become a wick for the fire and actually help spread it from room to room and floor to floor. Not pretty, huh?

To prevent both of these occurrences, the National Fire Protection Association (NFPA) limits the use of cables in the plenum to those that it has tested to be safe. A plenum cable is therefore tested to be fire retardant and to create no (or a very small amount of) smoke and poisonous gas when burned. A PVC cable does not meet these standards and can therefore be used anywhere except in a plenum. PVC cables are typically less expensive than plenum cables. However, most organizations use plenum cable only in the plenum for obvious reasons.

RG‐59 vs. RG‐6
Coaxial cable consists of an inner core wire and an outer braid of insulating wire. The inner core wire carries the entire signal. In the late 1980s, coaxial cable was used as the backbone of network segments and to connect computers to the bus topology that made up the network. The larger coaxial cables that generally made up the backbone were referred to as thicknet, while the smaller drop cables used to connect the computers were called thinnet. Sometimes we used a special device called a vampire tap to pierce the coaxial cable and get the signal from the core. Oh, those were the days! Figure 1.20 shows a coaxial cable.


Figure 1.20 A coaxial cable

Coaxial cable is rarely used anymore for network backbones or to connect computers, but it is being used today for television connections and to connect cable modems to broadband Internet connections. There are basically two standards in general use today: RG‐59 and RG‐6. Of these, RG‐6 offers a thicker core wire for less resistance and better performance.

Straight‐Through vs. Crossover vs. Rollover
A straight‐through cable is the most common type of cable used in a network. It is typically referred to as a patch cable, because it is used to patch one network device to another. Straight‐through cables are generally used to connect network devices that are dissimilar.

For example, in a typical network, a computer is attached to a wall jack using a straight‐through cable. The wall jack is attached to a patch panel (for flexibility and redundancy), and then the patch panel is attached to a switch. In essence, a computer attached to a switch uses a straight‐through cable. A computer and a switch are very different in regard to how they function on a network and therefore are considered dissimilar.

In contrast, a crossover cable is used to connect network components that are similar to each other. Let’s say you wanted to attach a switch to a switch. By this definition, the devices are similar, and therefore you should use a crossover cable instead of a straight‐through cable. Suppose you accidentally used a straight‐through cable where you should have used a crossover cable; would that work? Well, yes—most modern switches would autosense the difference and switch the pins for you. However, for the exam, you should know that straight‐through cables are used to connect dissimilar network devices and crossover cables are used to connect similar devices.

A rollover cable is something very different again. It gets its name from the fact that its wiring pattern is rolled over (or backward) from that of a straight‐through cable. A rollover cable is generally used to connect to a console port on a network device and manage its configuration locally. Some rollover cables have a DB‐15 connection on one end that connects to a serial port on a desktop or laptop computer. Table 1.2 shows the most common cable types and their uses.

Table 1.2 Cable types and uses

Device 1    Device 2    Cable type
PC          Switch      Straight
PC          PC          Crossover
Switch      Router      Straight
Router      Router      Crossover
PC          Router      Crossover

Most of the entries in Table 1.2 are very straightforward; however, the last one is a bit tricky. The reason that a connection between a PC and a router uses a crossover cable is that a PC is very much like a router. In fact, you can create a router from a PC with an additional NIC and the right configuration.
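The rows of Table 1.2 follow from which pins each device transmits and receives on, so rather than memorizing the table you can derive it. The following Python is an added example, not code from the book; it assumes the standard 10/100BASE‐T pin roles (an MDI port such as a PC or router transmits on pins 1 and 2 and receives on 3 and 6, an MDI‐X port such as a switch or hub does the reverse), models straight‐through, crossover, and rollover wiring as pin maps, and goes a little beyond the table by covering hubs and showing why a rollover cable never produces an Ethernet link.

```python
# Added example (not from the book): derive Table 1.2 from Ethernet pinouts.
# Assumptions: 10/100BASE-T signalling, where an MDI port (PC, router)
# transmits on pins 1,2 and receives on pins 3,6, and an MDI-X port
# (switch, hub) does the reverse.  A cable is a map from a pin on end A to
# the pin it reaches on end B.  A link comes up only when each end's transmit
# pair lands on the other end's receive pair.  Auto-MDI-X, which the text
# says most modern switches have, is deliberately not modelled.

STRAIGHT_THROUGH = {p: p for p in range(1, 9)}               # pin n -> pin n
CROSSOVER = {1: 3, 2: 6, 3: 1, 6: 2, 4: 4, 5: 5, 7: 7, 8: 8}  # 1<->3, 2<->6
ROLLOVER = {p: 9 - p for p in range(1, 9)}                   # pin n -> pin 9-n

CABLES = {
    "Straight": STRAIGHT_THROUGH,
    "Crossover": CROSSOVER,
    "Rollover": ROLLOVER,
}

MDI = {"tx": {1, 2}, "rx": {3, 6}}
MDI_X = {"tx": {3, 6}, "rx": {1, 2}}

# Device classes used by the table; a router is wired like a PC (the note
# under Table 1.2 makes the same point), while switches and hubs are MDI-X.
DEVICES = {"PC": MDI, "Router": MDI, "Switch": MDI_X, "Hub": MDI_X}


def link_up(dev_a, dev_b, cable):
    """True when dev_a's tx pair reaches dev_b's rx pair and vice versa."""
    a, b = DEVICES[dev_a], DEVICES[dev_b]
    # Pins on end B that end A's transmit signals arrive on.
    arrives_at_b = {cable[p] for p in a["tx"]}
    # Pins on end A that end B's transmit signals arrive on (inverse map).
    arrives_at_a = {p for p, q in cable.items() if q in b["tx"]}
    return arrives_at_b == b["rx"] and arrives_at_a == a["rx"]


def cable_for(dev_a, dev_b):
    """Name of the cable type that links the pair, or None if none does."""
    for name, wiring in CABLES.items():
        if link_up(dev_a, dev_b, wiring):
            return name
    return None


def build_table(pairs=None):
    """Reproduce Table 1.2 (or any list of device pairs) from the pin rules."""
    if pairs is None:
        pairs = [("PC", "Switch"), ("PC", "PC"), ("Switch", "Router"),
                 ("Router", "Router"), ("PC", "Router")]
    return {pair: cable_for(*pair) for pair in pairs}


if __name__ == "__main__":
    print(f"{'Device 1':10}{'Device 2':10}Cable type")
    for (a, b), cable in build_table().items():
        print(f"{a:10}{b:10}{cable}")
    # A rollover cable is for console ports; it never gives an Ethernet link.
    print("PC to switch over a rollover:", link_up("PC", "Switch", ROLLOVER))
```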

Fiber Connectors
There are many types of connectors from which you can choose to connect your fiber‐optic cables to network devices. In this section, I will discuss the most common fiber‐optic connectors. You should be familiar with the appearance and general purpose of each type of connector.

ST
The straight tip (ST) connector uses a half‐twist bayonet type of lock to hold it in place securely. ST connectors are most commonly used with single‐mode fiber‐optic cable that runs long distances. It resembles a small BNC connector, but it’s generally made of hard plastic. Figure 1.21 shows an ST connector.

Figure 1.21 An ST connector


SC
The standard connector (SC) is a type of fiber‐optic cable connector. It uses a push‐pull connector mechanism similar to common audio and video plugs. SC connectors are most often used with multimode fiber‐optic cable that is providing a backbone segment for a local area network. Figure 1.22 shows an SC connector.

Figure 1.22 An SC connector

LC
The local connector (LC) is a fiber connector that is built into the body of an RJ‐style jack. The LC connector is perfect for local connections in an organization’s telecom room or network closet. Figure 1.23 shows an LC connector.

Figure 1.23 An LC connector

MTRJ
The mechanical transfer‐registered jack (MTRJ) connector is becoming more popular because of its compact size and durability. It contains two fibers next to each other and resembles an RJ‐45 connector. It was designed to replace the SC and is less than half its size when you consider that it provides two connected fibers instead of just one. Figure 1.24 shows an MTRJ connector.


Figure 1.24 An MTRJ connector

FC
The ferrule connector (FC) has a threaded construction that is designed for use in environments that might have high vibration. It is commonly used with single‐mode fiber‐optic cable (which I will discuss shortly). It is becoming less commonly used than SC and LC connectors.

Fiber Coupler
A fiber coupler performs the same function as a UTP coupler or BNC coupler; it extends the cable length. However, since you are working with high‐powered light, it’s not quite as simple to just connect two fibers and make them “talk” like they were together from the beginning. In fact, sometimes the coupler will even thermally fuse the fibers together to create the extended strand! Figure 1.25 shows a fiber coupler.

Figure 1.25 A fiber coupler

Fiber Cables
Fiber‐optic cable (fiber) is often used in network backbones to provide high bandwidth for fast, reliable communications. There are two main types of fiber‐optic cable: single mode and multimode. In this section, I will discuss the properties, advantages, and disadvantages of each type.

Single Mode
Single mode fiber‐optic cable (SMF) is a high‐speed, high‐distance medium. It consists of a single strand, or sometimes two strands, of glass fiber that carries the signals. The light source that is generally used with single mode fiber is a laser, although light‐emitting diodes (LEDs) may also be used. With single mode fiber, a single light source is transmitted from end to end and pulsed to create communication. Single mode fiber is used for long runs because it can transmit data 50 times farther than multimode fiber and at a faster rate. For example, single mode fiber might be used on an organization’s corporate campus between buildings. Since the transmission media is glass, installing single mode fiber can be a bit tricky. Other layers are protecting the glass core, but the cable still should not be crimped or pinched around any tight corners. It is, however, completely immune to electrical interference since light is used instead of electrical signals. Figure 1.26 illustrates the layers included in single mode fiber‐optic cable.

Figure 1.26 Single mode fiber‐optic cable (layers labeled in the figure: outer jacket, strength member, buffer jacket, coating, cladding, core)

Multimode
Multimode fiber‐optic cable (MMF) uses light to communicate a signal and disperses it into numerous paths (which is why it’s multi) as it travels through the core and is reflected back via cladding, a special material that lines the core and focuses the light back onto it. Multimode fiber provides high bandwidth at high speeds over medium distances (up to about 3,000 feet) but can be inconsistent for very long runs. Because of this, multimode fiber is generally used within a smaller area of a building. Multimode fiber is available in glass or in a plastic version that makes installation easier and increases installation flexibility. As with single mode fiber, multimode fiber can be used when electrical interference is present, since it is completely immune to it. Figure 1.27 shows how light is split into multiple paths in a multimode fiber‐optic cable.

Figure 1.27 Light reflected in a multimode fiber‐optic cable


APC vs. UPC
Over time, the quality of fiber‐optic cables and connectors has improved, as has the capability to connect them to devices without losing signal due to a back reflection of light. The first quality of a connector was simply referred to as PC, which stood for “physical contact.” In other words, the fiber strand actually makes physical contact with the device or other connection to which it is being mated. Additional improvements over the years have included ultra physical contact (UPC), which has an additional polish that gives it a smoother fit and therefore less signal loss, and angled physical contact (APC), which tightens the connections even further by being angled to the industry standard of 8 degrees. You can expect this to be a moving target in the coming years as well.

Media Converters
As networking has evolved, the types of cable and their properties have dramatically changed. We have moved from using cables made from copper wire to using cables made from glass fibers. Each of these general categories of cable has its own properties and has many options from which to choose. Perhaps one of the best decisions you could make in your network would be to use a combination of these types of cables and technologies. If you do that, then you will need to have media converters at the points where one type of cable and technology connects to another. In this section, I will discuss the most common types of media converters and where you would use each one.

Single Mode Fiber to Ethernet
Since you would most likely use single mode fiber between buildings on a campus, this type of media converter would be used in each building because the fiber‐based data signal in the form of light comes into the building to be carried farther through the building in the form of electricity. See Figure 1.28.

Figure 1.28 A single‐mode‐fiber‐to‐Ethernet converter

Multimode Fiber to Ethernet
In some organizations, multimode fiber is used as the backbone within a building. This allows the backbone to carry more data at faster speeds than would be possible using only copper cable. Even when multimode fiber is used in this way, it is unlikely that it will be used all the way to the computers. Typically a multimode‐fiber‐to‐Ethernet converter will be used between the backbone segment and the patch panels that will lead to the wall jacks and finally to the computers themselves.

Fiber to Coaxial
In the past, coaxial cable was used as a backbone in some buildings. This is not done very often anymore, but coaxial cables are sometimes used to connect cable modems for the purposes of Internet communications or telecommunications. If you wanted to bring in high‐bandwidth communications from a cable provider and then distribute them throughout your network backbone, you would use a fiber‐to‐coaxial converter (see Figure 1.29).

Figure 1.29 A fiber‐to‐coaxial converter

Single Mode to Multimode Fiber
As I mentioned earlier, single mode fiber is typically used between buildings because it can span greater distances, whereas multimode fiber is used within each building because it can have many channels of communication. Therefore, if you use both, the connections between your buildings will use a single‐mode‐to‐multimode converter. The single mode fiber will bring in pulses of light in one stream, and the multimode fiber will then divide the signals into multiple channels.

Tools
Some aspects of network maintenance and troubleshooting require that you get out there with some hardware and do a little manual labor. The term manual is actually a stretch here because most of the hardware tools that you will use for your network are actually very sophisticated and don’t require much muscle to use. In fact, many of these tools include both software and hardware components. In this section, I will discuss the most common of these hardware tools.

Cable Crimpers
To attach an RJ‐45 connector to the end of a cable, you must strip about an inch of the outer cable insulation without cutting any of the insulation on the eight wires that are inside the cable. You must then press down hard on the right place of the RJ‐45 to close the connector around the cable and hold all of the wires trapped into place so that the end of the cable sheath is safely tucked inside the connector as well.

To accomplish this feat, you should use a tool that is designed to cut just the outer insulation and leave the other wires untouched; this tool needs to double as an accurate pair of pliers that allows you to press on just the right place on the connector. A cable crimper and stripper does just that. There have been many cable crimper and stripper designs over the years. Some tools double as crimping tools/cable strippers. Figure 1.30 shows a crimping tool with a cable stripper integrated into it.

Figure 1.30 Cable crimper with stripper

Punch Down Tool
As I discussed earlier, to increase the flexibility and fault tolerance of a network, most organizations do not use a continuous cable from end to end for each computer connection. Instead, each cable is connected through a series of patch panels. These patch panels provide a method for quickly changing a cable that is part of a computer’s connection to the network. Typically, the front side of a patch panel has many RJ‐45 connector ports. The back of the panel, however, does not have ports and instead is hardwired with the wires from the cables punched down into special connectors that hold them securely in place. This is where the punch down tool comes into play.

The process of properly punching down a wire takes a considerable amount of force. You could try to do it without the special tool, but you would probably break the wire or not be able to make the proper connection at all. The punch down tool, shown in Figure 1.31, assists you in applying the right amount of pressure in the right direction. As you push in with the tool, you load up a spring that then releases the proper amount of force to press the wire firmly into the connector while stripping the insulation off the side of the wire to assure a firm connection with the metal connector. With a little practice, you will be able to punch down wires with ease.

Figure 1.31 A punch down tool


Wire Strippers
Of course, a wire stripper is a small hand‐held device that you can use to strip electrical insulation from wires. It enables you to take the insulation off the wire at just the right length to connect it to…well, whatever you choose. Typically wire strippers are used in networking to remove only the outer sheath of the cable and expose the individual wires at the proper length for a connector or to punch down to a 110‐block. Figure 1.32 shows wire strippers.

Figure 1.32 Wire strippers

Snips
Wire snips, also called wire cutters or diagonal cutting pliers, are used specifically to cut wire to the correct length for your installation or repair. They make it easy to create a custom cable of the length that you require, before using wire strippers to remove the outer sheath.

TDR
A time domain reflectometer (TDR) (Figure 1.33), as its name implies, is a pretty sophisticated piece of network‐troubleshooting equipment. It sends a low‐level electromagnetic pulse and listens for any reflection of that pulse (similar to radar). In fact, it’s like radar for finding breaks or even weaknesses (bad splices or connections) in copper network cables. If you are troubleshooting a problem with a copper cable, a TDR can tell you exactly how far the problem is from where you are testing. That way, if the wire is buried or is in a wall, you will know that you should probably just try to use a different cable (if one is available). On the other hand, if the problem is accessible, then you may be able to fix it. Either way, knowing exactly where the problem exists is half the battle.

Figure 1.33 A TDR


OTDR
If a TDR can be called sophisticated, then an optical time domain reflectometer (OTDR) (Figure 1.34) is positively out of the space age! An OTDR performs the same function as a TDR but does it with light on fiber‐optic cables. Whereas most of the cables that you test with a TDR will be shorter than 100 meters long, you can test cables that are several kilometers long with an OTDR. An OTDR can also detect the fiber cable length and therefore tell you exactly where a break is in the fiber. It can also make you aware of bad splices or connections along the entire route of the fiber cable. For these reasons, an OTDR is an indispensable tool for working with today’s long and sophisticated fiber‐optic cable runs.

Figure 1.34 An OTDR

Cable Certifier
With today’s modern networks, it’s often not good enough just to say that something works and therefore it’s set up properly. For example, if you install CAT6 cable, then you expect that it will provide 1000 Mbps bandwidth for your data. But the only way that it will do this is if all the wall jacks, patch panels, connectors, and so forth are installed properly. You could just let the users be the guinea pigs and test it all for you, but the right way is to make sure the cable is working properly by using a device that can test the network segment to which it’s attached and compare the result with what it should be for that type of segment. This device is called a certifier. Many different types of certifiers exist, and they are available for copper, fiber, and even wireless networks. Some devices even combine certain aspects of all three types of networks.

Exam Essentials
Know the types of fiber‐optic cable. There are two main types of fiber‐optic cable: multimode fiber and single mode fiber. Multimode fiber is typically used within buildings and can disperse the light into multiple paths. Single mode fiber is typically used between buildings and consists of a single light source that is pulsed.

Know the types of copper cables. Three main types of copper cables are used in today’s networks: UTP, STP, and coaxial. UTP cable is the most common type of cable by far. Since they do not have any shielding, they are very easy to install; however, they are not suitable for installations that are close to large magnets, motors, speakers, and the like. STP cables are less commonly used because they are much more difficult to install. They provide a layer of shielding that must be grounded to be effective. They are not used much in today’s networks because fiber‐optic cables provide a complete immunity to electrical interference. Coaxial cables are still used in today’s networks but in a very different way than they were in the past. They consist of one core wire that carries all of the signal and a braided mesh that acts as a shield. They are primarily used to connect cable modems to the connections from a cable Internet provider.

Know the categories of UTP cables and their purpose. There are many categories of cables, ranging from Category 3 to Category 6a. Generally speaking, the higher the category number, the faster you can push data through it without problems caused by signal bleed called crosstalk. You should always use the appropriate category for the task at hand.

Understand the main types of cables and their uses. Straight, or straight‐through, cables are used to patch network components together that are not similar to each other, such as when connecting a computer to a switch. They are also referred to as patch cables. Crossover cables are used to connect similar devices together, such as a switch to a switch, a router to a router, or even a PC to a router (a PC can perform a routing function, so it is similar to a router). A T‐1 crossover cable is a specialized crossover that is used to connect a CSU/DSU to another CSU/DSU.

Understand the difference between plenum and non‐plenum cable. A plenum is the space in a building that is between the ceiling of one floor and the floor of the next. Since air is generally circulated in this area, the NFPA regulates that only specialized cables can be used that have insulation that doesn’t wick fire or give off poisonous gases when it burns. These specialized cables are referred to as plenum cables. In all other areas of the network, non‐plenum cables can be used.

Understand media converters. Since we use fiber‐optic, copper UTP/STP, and even coaxial cables in the same network, we often need converters. There are many types of converters, and each has a use in the network. Review the definitions of the different media types and their uses, and the place that the converter will be used in the network will be evident for each.

Be familiar with the various fiber‐optic connectors. There are multiple fiber‐optic connectors that can be used in various locations in your network. Know the main types of connectors and the general build of each one. Also understand where each might be used and why it might be advantageous over other options.

Be familiar with various copper connectors. Multiple copper connectors can be used in your network. The most common by far is the RJ‐45 connector, which holds four pairs of wires, although only two are generally used. Others include the RJ‐11, BNC, DB‐9, and F‐connector. Know the general build and use of each of these connectors.


Understand patch panels and 110 block connectors. Wiring distribution not only houses wiring connections but can also provide an administrator with options for reconnects. Know the general build and purpose of each of these.

1.6 Differentiate between Common Network Topologies

Basically, a topology is a shape, so a network topology is the shape of a network. There is, however, a big difference between a physical network topology and a logical network topology. The physical network topology represents how the network looks to your naked eye. In other words, the physical network topology is the way the components are arranged. The logical network topology represents how information flows through the network, which may not be the same as how it looks to your naked eye. You should understand the main network topologies and the difference between a physical network topology and a logical one. You should be able to recognize them given a diagram, schematic, or description. In the following sections, I will discuss each network topology in greater detail.

Mesh

The full mesh topology is not often used for networks and is almost never used for individual computers. In a full mesh topology, all the components in the mesh have independent connections to all the other components in the mesh. For example, if there were four computers connected with a full mesh, then the number of connections could be determined by the following formula:

$[n(n-1)]/2 = \text{total number of connections}$

Each computer would have to contain 3 network interface cards:

$[4(4-1)]/2 = 6$

Any network with multiple or redundant connections to network components can be considered a mesh topology, but because of the expense involved in building this type of network, they are rarely created for individual computers. A mesh, or even a full mesh, would most likely be found connecting multiple networks in an organization. In fact, the Internet is the best and biggest example of a partial mesh topology. Figure 1.35 shows a full mesh topology with four computers.


FIGURE 1.35 A full mesh topology

Bus

The bus topology was used in earlier networks but is not commonly used today. In a bus topology, all computers are connected to each other by a single cable. Coaxial cable with special connectors called BNC connectors (as shown earlier in Figure 1.15) and T connectors were used. The T connectors provided an independent connection for each computer on the bus. In addition, the bus worked only if both ends of the cable had a special resistor, called a terminator, installed. Figure 1.36 shows a bus topology, and Figure 1.37 shows the T connector used to connect the computers to the bus.

FIGURE 1.36 A bus topology


FIGURE 1.37 A T connector

Ring

A ring is a legacy topology that looks exactly like a star topology to the naked eye. The real difference in a ring topology vs. a star topology is the technology that is used. Computers in a ring topology generally use IBM Token Ring technology. Other components can also be arranged in a ring topology and use different technologies. The computers in a ring topology are not generally arranged in a physical ring. In fact, just as with a star topology, they can be next to each other or spread throughout a building. The difference is that the central component that connects them contains the logical ring that facilitates communication on the network using the ring technologies. Figure 1.38 shows a ring topology. Please note that data flows in a very different way, even though the physical topology would be indistinguishable from that of a star topology to the naked eye.

FIGURE 1.38 A ring topology

Star

A star topology is a group of computers connected to a central location, such as a hub or a switch. This is the most common topology in use today. The computers may be physically located next to each other or spread throughout an entire building, but the flow of information among computers must go through the central location. In a star topology, each computer has its own cable or connection to the hub. Since each computer has its own connection, one computer’s failing will not affect the other computers in the network. However, if the hub or switch should fail, then all the computers on that hub or switch will be affected. Figure 1.39 is an illustration of a star topology.

FIGURE 1.39 A star topology

Hybrid

Actually, most networks today are a combination of many topologies. For example, a network will often use a star topology with a partial mesh consisting of some point‐to‐point and some multipoint connections. This type of hybrid design facilitates customization to the organization’s communication needs as well as redundant connections for load balancing and fault tolerance. Figure 1.40 illustrates a hybrid network topology.

FIGURE 1.40 A hybrid configuration


Point‐to‐Point

A point‐to‐point connection is not really so much of a network topology as it is a piece of one. Today’s networks generally consist of many point‐to‐point and various other types of connections. Point to point just means that the connection is active only for the sender and the receiver and that there are no other computers or devices involved. In fact, point‐to‐point connections are said to create communication that is not shared because the only communication is between the sender and the receiver. Point‐to‐point connections between network devices, such as switches or routers, can provide for very efficient network communication. Figure 1.41 illustrates a point‐to‐point connection between two routers.

FIGURE 1.41 A point‐to‐point connection

Point‐to‐Multipoint

Point‐to‐multipoint connections are created when an interface is connected to two or more other interfaces. This is the general effect of a hub on a network, in which the data flows into one interface and can flow out of all other interfaces. It can also be seen in router configurations, such as frame relay switching, which I discussed earlier in this chapter, in which the point‐to‐multipoint connections are created using subinterfaces (virtual interfaces). Point‐to‐multipoint Ethernet connections cannot use full‐duplex communications because the connections are shared and therefore require the use of CSMA/CD to control the traffic. Point‐to‐multipoint connections in frame relay switching might require the use of special protocols and configuration to control data traffic. Figure 1.42 illustrates point‐to‐multipoint configurations.

FIGURE 1.42 Point‐to‐multipoint configurations


Client‐Server

In a client‐server network, the problem of resource sharing is addressed by using specific high‐capacity and high‐speed computers to share resources to the client computers. Most of the resources that the clients use are centralized to the very fast server computer. The server computer is typically not used directly by a user. In the most sophisticated networks, these servers are also domain controllers that authenticate a user’s access onto the network and control their access to specific resources.

Peer‐to‐Peer

Very small business networks and home networks are often peer‐to‐peer. This means that no dedicated server is involved at all. Each computer acts as both a client and a server. Typically, directory shares or folders are set up on each of the computers, and local accounts on the computers are used to provide some minimal security. Generally, peer‐to‐peer networks consist of no more than 10 computers. A network of more than 10 computers creates tremendous confusion because the users might have to know different usernames and passwords to get to the share directories on each computer. Also, what if the other 9 computers wanted to use a share directory on the 10th computer all at the same time? The 10th computer’s resources would be so overwhelmed with providing the share directory for the others that you might not even be able to use it yourself!

Exam Essentials

Know the difference between a physical topology and a logical topology. A physical topology of the network is simply what it looks like or how the components are arranged. A logical topology, on the other hand, represents the flow of information in the network.

Know the main logical network topologies. Recognize the point‐to‐point, ring, star, mesh, bus, and hybrid topologies by a diagram, schematic, or description. Recognize the difference between a peer‐to‐peer and a client‐server network.

1.7 Differentiate between Network Infrastructure Implementations

Whereas topology is the shape of your network design, infrastructure implementation is the way that you use your network. There are many implementations that you can use in today’s world, and options continue to emerge and expand. In this section, I will discuss the most common of these implementations, as well as some that continue to emerge and grow. I will discuss WAN, MAN, LAN, WLAN, PAN, and many others.


WAN

A wide area network (WAN) extends beyond a single organization’s boundaries and control. When you use a WAN, you are typically using connections that were created and are maintained by a third party, such as the leased lines that I discussed earlier. In addition, since you are using lines that you don’t own, you must follow the rules for the use of those lines. As you may remember, rules are expressed in networking as protocols, so you will encounter protocols with WAN networks that you will not encounter with networks that you own and control. As you might imagine, the largest WAN in the world is something that we refer to as the Internet.

MAN

A metropolitan area network (MAN), as the name implies, was specifically designed for a defined geographical area. This area may be as small as a few blocks or as large as a city. The network might be maintained by a company but is most likely maintained by a public utility for that area. Typically this network provides users with a high‐bandwidth connection to each other as well as to the backbone of the Internet. Various technologies and protocols can be used on a MAN, but the main goals are high speed and reliability.

LAN

Today’s businesses rely primarily on a local area network (LAN) to provide for the transfer of data throughout their organization. This consists of network devices and connections that are owned and controlled by the organization. You generally have a tremendous amount of flexibility in regard to how you use your LAN.

Generally what users have always needed is more speed. Network administrators needed more speed but also the ability to run a link for farther distances without amplifying the signal. This gives them options with regard to network designs and other decisions about which most users are unaware. Over the years, LAN technology types have continued to evolve to meet the needs of users and network administrators. Users can also join by finding the hotspot that you are providing with your device. You can even use a cell phone or tablet computer.

WLAN

One way to extend the LAN is to make part of it wireless! A wireless local area network (WLAN) is rarely completely wireless. It’s simply the part of your network that is wireless that connects to the rest of your wired network. Users can connect their wireless device to your network, with your permission, by finding the hotspot of the network, which is the operating area of the network based on its power, direction, and type of antennae. In Chapter 2, I will discuss much more about the components and protocols used with wireless networks.

PAN

As if we needed another acronym, a personal area network (PAN) is a WLAN that is established by an individual to invite others to join for a specific purpose, namely to share a connection that they otherwise would not be able to access. It can be permanent but is more likely to be temporary. For example, I once created a PAN to be used to teach a class when the training center temporarily lost Internet access to our servers. It allowed the students to connect to my WLAN cellular card from AT&T and share my bandwidth so they could make a connection to remote servers and do their labs. Needless to say, it wasn’t nearly as fast for them as the normal connection to the Internet, so we quickly abandoned it as soon as the training center’s connection was restored. My PAN allowed them to use a Bluetooth connection to my laptop, but other methods include infrared (IR) and even near field communication (NFC).

Bluetooth

Named for a Danish king who was good at uniting things, Bluetooth is a wireless technology that enables the exchange of data over relatively short distances using radio waves. It operates in the 2.4 to 2.485 GHz band and can be used by individual devices such as headsets, mice, and cars, or, as in this case, as the infrastructure for a PAN. I always get a kick out of someone who calls the Bluetooth‐based headset that has a blue light and goes in front of a person’s mouth a “blue tooth,” don’t you?

IR

Infrared (IR) is radiant energy that is invisible to the human eye. The reason the light is invisible is that it is below (infra means “below”) red light on the light spectrum, which is the lowest color that human beings can see. Just because you can’t see this light doesn’t mean that you can’t use it. In fact, you can use it for any number of things from changing the channels on your TV to controlling a cool toy or, in this case, to create a PAN. If you have computer devices within line of sight of each other in the same area, and you have no direct sunlight in the area (sunlight contains red light too), then you can connect the devices and transfer data with IR. For some implementations (such as local printing), it’s really not that bad; you are working at the speed of light, after all!

NFC

Near field communications (NFC) is a special standard established for smartphones that enables them to dynamically create a mini PAN by touching them together or holding them only a few centimeters away from each other. This network can then be used to exchange data for such things as a door key, a ticket for a train, a payment for services rendered, a photo, a telephone number and contact information, and the list goes on and on.

SCADA/ICS

Supervisory control and data acquisition (SCADA) is a system that can provide remote control of industrial equipment by telemetry, usually wireless or satellite data. It differs from other industrial control systems (ICSs) by its ability to handle large‐scale processes on multiple systems and over large distances. These processes might include power generation, fabrication, water treatment, oil and gas pipelines, electrical power transmission, civil defense systems, air‐conditioning and ventilation systems, lighting, and so on. For example, did you know that Walmart controls most of the lighting, air‐conditioning, and heating for most of its stores from a central location? This kind of centralized control can result in tremendous cost savings. The key components in this type of system might include an ICS server, a DCS/closed network, a remote terminal unit, and a programmable logic controller.

ICS Server

The ICS server is the data acquisition software component that uses industrial protocols to connect software to the other components of the system.

DCS/Closed Network

More sophisticated implementations use a smart system called a DCS or closed network system. It is so called because of its ability to autonomously execute simple logic processes without involving the master computer or the human operator. As you might imagine, this can have a good side and a bad side.

Remote Terminal Unit

Remote terminal units (RTUs) connect to sensors and convert telemetry signals into digital data. They can send and receive data from the ICS server and prepare it for use with the next component in the system, which will actually make something move or change.

Programmable Logic Controller

Programmable logic controllers (PLCs) can also process data into digital signals, but they use sensors installed by the manufacturer and not telemetry data.

Medianets

According to Cisco, “A medianet is an end‐to‐end architecture for a network comprising advanced, intelligent technologies and devices in a platform optimized for the delivery of rich‐media experiences.” In my own words, a medianet is a modern network that was built with media delivery in mind. It can automatically adapt to different types of media needs such as video surveillance, desktop collaboration, streaming video, and even telepresence. It assures that new services can be quickly established and given the resources that they require (bandwidth, RAM, CPU, and so on) and also takes into account the current services that are running on it so as not to degrade their performance.

VTC

One of the services that continues to expand, partially because of escalating costs of travel, is video teleconferencing (VTC). The idea behind VTC, rather than just a picture phone, is that entire groups of people are joined together without having to jump on planes and increase their expenses, not to mention their carbon footprint. I remember first using this technology when I worked at Sprint in Jacksonville, Florida, in the early 1990s. We had a PictureTel system that was state‐of‐the‐art then but archaic by today’s standards. It used ISDN lines that were just barely fast enough if you sat still. If you moved your head, what used to be your face looked to the other side like a spread‐out deck of playing cards! Of course, expanded bandwidth, enhanced IP technologies, and specialized protocols like the session initiation protocol (SIP) have made videoconferencing clear and easy to use.

Exam Essentials

Know the difference between a WAN, MAN, LAN, WLAN, and PAN. A WAN is a network that extends beyond a single organization’s boundaries and control. A MAN is a network that connects a community and often connects that community to the Internet. A LAN is the most common type of network in business today. All connections on the LAN are generally privately owned and controlled by the organization. A WLAN is a network that contains wireless connections for additional flexibility through use by wireless devices. A PAN is a relatively small network that is generally provided to an individual for their temporary use or for letting others use their connection. Types of PANs include Bluetooth, IR, and NFC.

Know the main concepts of SCADA/ICS. SCADA is a system that can provide for the remote control of systems used for industry. It is used to control systems such as water filtration plants, power generation systems, oil and gas pipelines, and so on. It consists of an ICS server, a closed network, a remote terminal unit, and programmable logic controllers.

Know the main concepts of medianets. A medianet is an end‐to‐end architecture for a network designed to provide rich‐media content. It consists of intelligent technologies and devices that adapt to different media needs. Types of media might include video teleconferencing (VTC) as well as other synchronous and asynchronous media.

1.8 Given a Scenario, Implement and Configure the Appropriate Addressing Schema

Let’s say that you are tasked with the job of setting up all of the IP addressing in your organization. If that is the case, then you have to understand how the protocols such as IPv6 and IPv4 are configured and how your configuration will relate to the capabilities of the network. In this scenario, you should consider the following facts.

IP addressing is used to stitch together your network of computers and routers and connect it to other networks and to the Internet. The details of how you use IP addressing will vary with the needs of your organization but may include IPv6, IPv4, private addresses, public addresses, NAT, PAT, and so on. In addition, you will need services to resolve MAC addresses to IP addresses and to use IP addresses in more creative ways such as multicast addressing. Finally, you will need to understand the different types of communication that your network will use such as unicast and broadcast and the almost automatic domains of communication that will result from your network schema. In this section, I will discuss all of these concepts and more.


IPv6

The following is an IPv6 address on my laptop:

fe80::218:deff:fe08:6e14

That looks pretty weird, doesn’t it? That’s partly because this address has been shortened using the address compression rules for IPv6. To explain address compression, I’ll discuss what this really says and how you should interpret it. Each hexadecimal character in the address is actually read by the network device as a binary number with 4 bits. Table 1.3 illustrates the relationship of each decimal, binary, and hexadecimal number and/or character.

TABLE 1.3 Decimal, binary, and hexadecimal conversion

Decimal   Binary   Hexadecimal
0         0000     0x0
1         0001     0x1
2         0010     0x2
3         0011     0x3
4         0100     0x4
5         0101     0x5
6         0110     0x6
7         0111     0x7
8         1000     0x8
9         1001     0x9
10        1010     0xA
11        1011     0xB
12        1100     0xC
13        1101     0xD
14        1110     0xE
15        1111     0xF

As you can see from the table, if you were first to convert each of the characters you see in my example address into its binary equivalent, the result would be as follows:

1111 1110 1000 0000 :: 0010 0001 1000 : 1101 1110 1111 1111 : 1111 1110 0000 1000 : 0110 1110 0001 0100

Not so fast, though! Equally important as what you see is what you do not see but you still know must be there. For example, you know that there are a total of 128 bits in this address. Also, you know that each section between a set of colons should actually have 16 bits on its own, so what is missing?


Well, to begin with, any leading zeros can be interpreted by the device easily and can therefore be left out, as you can see in the second section of the previous address. In addition, successive fields of zeros can be represented as ::, but this can be done only once in an address, because otherwise the device wouldn’t know how many successive zeros were represented by each ::. If you do a quick count, you will find that you are missing 52 zeros! In other words, although you can represent the IPv6 address in this case as the following hexadecimal number

fe80::218:deff:fe08:6e14

the device will actually use a 128‐bit number that looks like the following:

1111 1110 1000 0000 : 0000 0000 0000 0000 : 0000 0000 0000 0000 : 0000 0000 0000 0000 : 0000 0010 0001 1000 : 1101 1110 1111 1111 : 1111 1110 0000 1000 : 0110 1110 0001 0100

As you can see, this is a huge addressing system

$2^{128} = 3.4028367 \times 10^{38}$

which should allow for an almost limitless supply of addresses. Of course, the last time someone said that, we soon began to run out of addresses!
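The two compression rules just described (dropped leading zeros, and a single :: standing in for the missing all‐zero groups) can be undone mechanically. The following Python is an added example, not code from the book: it expands a compressed address, renders the 128‐bit form that the device works with, counts the bits the notation leaves implicit, and cross‐checks the result against Python’s ipaddress module. The only input is the address quoted above.

```python
import ipaddress

# Constructed input: the compressed link-local address quoted in the text.
EXAMPLE = "fe80::218:deff:fe08:6e14"

HEX_DIGITS = set("0123456789abcdefABCDEF")


def expand_ipv6(addr: str) -> str:
    """Undo IPv6 address compression, returning eight 4-digit hex groups.

    Rule 1: leading zeros in a group were dropped, so pad each group back to 4.
    Rule 2: a single '::' stands for however many all-zero groups are needed
    to reach eight; a second '::' would be ambiguous and is rejected.
    """
    if addr.count("::") > 1:
        raise ValueError("'::' may appear at most once")
    if "::" in addr:
        head, tail = addr.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must replace at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = addr.split(":")
    if len(groups) != 8:
        raise ValueError(f"expected 8 groups, got {len(groups)}")
    for g in groups:
        if not 1 <= len(g) <= 4 or not set(g) <= HEX_DIGITS:
            raise ValueError(f"bad hex group {g!r}")
    return ":".join(g.lower().zfill(4) for g in groups)


def is_valid_ipv6(addr: str) -> bool:
    """True if expand_ipv6 accepts the address as well-formed."""
    try:
        expand_ipv6(addr)
        return True
    except ValueError:
        return False


def to_binary(addr: str) -> str:
    """Render the 128-bit form: one 4-bit nibble per hex character, groups ':'-separated."""
    groups = expand_ipv6(addr).split(":")
    return " : ".join(" ".join(format(int(c, 16), "04b") for c in g) for g in groups)


def omitted_zero_bits(addr: str) -> int:
    """Bits that the compressed notation leaves implicit (52 for the example)."""
    visible = sum(4 * len(g) for g in addr.replace("::", ":").split(":") if g)
    return 128 - visible


def matches_stdlib(addr: str) -> bool:
    """Cross-check the hand-rolled expansion against ipaddress.IPv6Address."""
    return ipaddress.IPv6Address(addr).exploded == expand_ipv6(addr)


if __name__ == "__main__":
    print(expand_ipv6(EXAMPLE))
    print(to_binary(EXAMPLE))
    print(f"{omitted_zero_bits(EXAMPLE)} zero bits are implicit")
```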

So now you may be wondering how the IPv6 addresses get on the interfaces of your routers and network interface cards. Well, some of the methods of addressing are the same as with IPv4 but updated, while others are brand new and unique to IPv6. The specific methods that I will now discuss further include auto‐configuration, DHCP6, and manual configuration of addresses.

Auto‐configuration

With auto‐configuration, the client is able to obtain a unique IPv6 address by using its own media access control (MAC) address and adding FF:FE into the middle of the address. This generally assures that the client has a unique address, since its MAC address is unique within that network segment. This, however, is tested during the automatic address assignment by neighbor solicitation, which is basically just automatically pinging the address that is to be used to see if anyone answers.

EUI‐64

Just as you wouldn’t think that 4 billion IP addresses might not be enough, you would likely never suppose that 2 to the power 48 (281,474,976,710,656) MAC addresses would not be enough. You would likely be right, but just to make sure, the Extended Unique Identifier 64 (EUI‐64) addresses that are in use in many organizations today provide an address space that far surpasses that of our current MAC‐48 addresses. You will see EUI‐64 addresses used more often, essentially replacing MAC‐48 addresses, in the coming years, especially when companies begin the transition to IPv6.
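The auto‐configuration step above, carried out in Python as an added example (not the book’s code). The MAC 00:18:de:08:6e:14 is a constructed value, chosen because the modified EUI‐64 rule (insert FF:FE, then flip the universal/local bit, a step RFC 4291 adds to the one the text describes) turns it into the laptop address quoted earlier. The reverse function shows why an EUI‐64 identifier exposes the hardware address to every peer on the link, which is the reason hosts commonly use randomized identifiers (RFC 4941) instead.

```python
import ipaddress
from typing import Optional

# Constructed MAC: the modified EUI-64 rule maps it to the link-local
# address quoted in the text, fe80::218:deff:fe08:6e14.
MAC = "00:18:de:08:6e:14"

LINK_LOCAL_PREFIX = b"\xfe\x80" + b"\x00" * 6  # fe80::/64 as 8 bytes


def mac_to_modified_eui64(mac: str) -> bytes:
    """Build the 64-bit interface identifier from a 48-bit MAC address.

    Step 1 (as the text describes): split the MAC in half and insert FF:FE.
    Step 2 (RFC 4291, Appendix A): flip the universal/local bit, bit 7 of the
    first octet, so a burned-in 00:18:... MAC shows up as 02:18:... on the wire.
    """
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address is 6 octets")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02
    return bytes(iid)


def link_local_from_mac(mac: str) -> str:
    """Prepend the fe80::/64 prefix and return the compressed text form."""
    packed = LINK_LOCAL_PREFIX + mac_to_modified_eui64(mac)
    return str(ipaddress.IPv6Address(packed))


def mac_from_link_local(addr: str) -> Optional[str]:
    """Recover the MAC from an EUI-64-derived address, or None when the
    identifier was not built that way (for example a randomized privacy address)."""
    iid = bytearray(ipaddress.IPv6Address(addr).packed[8:])
    if iid[3:5] != b"\xff\xfe":
        return None
    iid[0] ^= 0x02  # undo the U/L flip
    return ":".join(f"{b:02x}" for b in iid[:3] + iid[5:])


if __name__ == "__main__":
    addr = link_local_from_mac(MAC)
    print(addr)                      # fe80::218:deff:fe08:6e14
    print(mac_from_link_local(addr))  # 00:18:de:08:6e:14
```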

DHCP6

As you may know, a Dynamic Host Configuration Protocol (DHCP) server is used to automatically configure IP addresses, DNS servers, and so on for clients joining a network. DHCP6 works in about the same way that DHCP4 does, with the exception that it uses anycast communication instead of broadcast communication. Anycast communication is a more efficient type of signaling that is unique to IPv6. With anycast, a packet is sent to the addresses within the anycast members. Using anycast, a router can become a DHCP server for a client or direct it to a DHCP server. As you will see, this is quite an improvement over the IPv4 method in which the router is actually standing in the way of the communication between the client and a DHCP server.

You can implement IPv6 on any of the latest servers. In fact, any Microsoft Windows Server 2003 or later server has the option. The exact configuration of DHCP6 on a Microsoft server is beyond the scope of this book.

Link Local

Just as with IPv4, there are global addresses and link local addresses with IPv6. Simply put, any address that starts with FE:80 has been set aside for unicast link local addressing on your private network. These addresses may be manually assigned or may be assigned using a DHCP server.

Tunneling 6to4, 4to6, Teredo, and Miredo

One of the nicest things about IPv6 is that the conversion options are so broad that you don’t have to convert your entire network at one time. There are many options for converting some of your network and then coming back at a later date to convert the rest. For example, you could connect two of your dissimilar networks to each other using a router in the middle that has both IPv6 and IPv4 addresses on it. This is referred to as 6to4 tunneling or 4to6 tunneling depending on which direction you are travelling. If you are using network address translation (NAT), then you might also use Teredo tunneling with a Miredo client. This type of tunneling is designed to allow full IPv6 connectivity to computer systems that have no direct connection but instead are coming through NAT or even port address translation (PAT). The exact configuration of these types of tunnels is beyond the scope of this book.

IPv4

Well, now that you have seen the wildness of an IPv6 address, you should be glad to talk about the more mundane IPv4 addresses. An IPv4 address is a 32‐bit binary address represented in what we call dotted decimal format. The following is an example of an IPv4 address:

192.168.1.1

As I said before, in addition to the IP address, a subnet mask is also used with IPv4, which has the effect of measuring the address to determine which parts of it are the network portion and which parts are the host portion.

Now you may be thinking that IPv4 isn’t in the binary form—IPv4 is in the dotted decimal format. Well, the network devices see the IPv4 addresses as binary numbers. In fact, 192.168.1.1 ends up looking like the following:

11000000 10101000 00000001 00000001


“How does that happen?” you may ask. Well, I’m glad you asked. The dotted decimal form uses the first 8 bits of binary over and over four times. The bits of the address are then valued based on the following template of values:

128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1

The address would then line up with the template as follows:

  1  1               .   1     1    1       .                    1 .                    1

Everywhere there is not a 1 is a 0. Now, I will discuss how the subnet mask combines with the IP address to determine which bits will be network bits and which will be host bits. I will also discuss how you can use a custom subnet mask to subnet a network further for more efficient and effective use of IP addresses.

Subnetting

Subnetting is a method used to create additional broadcast domains. You may wonder why you’d want additional broadcast domains when broadcasts are typically considered bad; that is, they are something to be avoided whenever possible. Look at it this way: if you have a fixed number of hosts in a network, you can reduce the number of hosts per broadcast domain and therefore reduce the effect of broadcasts on the hosts by increasing the number of broadcast domains. This is because there will be fewer hosts in each of the broadcast domains. In other words, subnetting creates smaller logical networks and thereby reduces the traffic within each logical network.

In addition to reducing the effect of broadcasts, subnetting also allows you to apply security policies in an easy and efficient manner. Each subnet can represent a location, role, job, and so on. By applying access control lists and other types of network filtering rules, you can control who gets access to what on a network. This job would be much more difficult if you could not use subnets.

Now that you know the “why” of subnetting, I’ll cover the “how” of subnetting. In plain terms, when you subnet IPv4, you are just reapplying the same sets of rules that were used to create the classful system of IP addressing in the first place. Please refer to Table 1.4 to refresh your memory about these rules.

Table 1.4 IPv4 classful addressing system

Class   First octet (binary)   First octet (decimal)     Subnet mask     Number of networks   Number of hosts/network
A       00000001–01111111      1–126 (127 is reserved)   255.0.0.0       126                  16,777,214
B       10000000–10111111      128–191                   255.255.0.0     16,384               65,534
C       11000000–11011111      192–223                   255.255.255.0   2,097,152            254
D       11100000–11101111      224–239                   NA              NA                   NA


Are you ready for this now? Actually, we don’t strictly follow this classful system anymore, but that doesn’t mean you don’t need to know it! What we do follow is based on the classful system, but we have customized it to fit our needs using logical addressing methods and new technologies such as NAT, PAT, and proxies, which I will discuss later.

In today’s networks, you need to make the most efficient use possible of the IP addressing space that you have been given by the American Registry for Internet Numbers (ARIN) or that you have created for yourself with private IP addressing. To do this, you use custom subnet masks that define the appropriate number of networks and the appropriate number of hosts per network for your particular situation.

You generally start with a classful address that has the capacity to be subnetted further to meet the needs of your network. For example, let’s say I have one network defined as 192.168.1.0 with a subnet mask of 255.255.255.0. As I discussed, this subnet mask identifies the network bits and host bits in the network. If you were to convert the dotted decimal subnet mask to binary, you would find twenty-four 1s in a row followed by eight 0s in a row. This means the network portion of the address is the first 24 bits, or 192.168.1. The 0 identifies the beginning of a new network, and the addresses after it would be 1 to 254. The last address would be 255; this is not a host address but rather a broadcast address. “What’s the difference?” you may ask. Well, if another host wanted to address a packet in such a way that it would be received by all 254 hosts (in this case), then the host would use 192.168.1.255, which is the broadcast address. The broadcast address should be set aside for broadcasts and never be used as a host address.

Now that you have established what you already have, let’s say what you have is not what you want. Let’s say you want to have eight subnets with as many hosts as possible in them instead of just one network with 254 hosts. What would you do then? You guessed it—you would subnet the classful network to create the custom networks you need. How would you do this?

You would begin by understanding that you have 8 host bits with which to work. The network bits assigned to you will not be changed, and you will always be moving from the left to the right on your template. The question now is “How many of those 8 host bits do you need to change into subnet bits to create the eight subnets that you need?” (Some people refer to this part as borrowing, which is a term I never really liked because I’m not really planning on giving them back!) The answer to this question lies in the formula 2^s ≥ # of subnets. In this formula, s is the number of host bits that will be turned into subnet bits, and # of subnets is the number of subnets you need to create.

In this case, 2^s ≥ 8. Solving for s, you find that it must be at least 3. You want the lowest s that works because you also want to maximize the number of host bits that you still have remaining, so s = 3. Now the next question is “Which three?” Well, you are always going to move from the left to the right, so you will start at the left of the remaining 8 bits and take the first 3 bits from the left toward the right. This means that the subnet bits will be the 128, 64, and 32 bits. To make these host bits into subnet bits, you will simply change the corresponding bits in the subnet mask from 0 to 1. When you make this change, the subnet mask will then change to 255.255.255.224 since 128 + 64 + 32 = 224.

The next question on your mind might be “Then what are my eight subnets?” You can answer this question by determining the increment of the subnets and therefore their numbers and ranges of hosts. The increment is always 256 minus the last nonzero number in the subnet mask. In this case, it’s 256 – 224, which equals 32. The first network is always the same as what you started with but with a new subnet mask. You can express the new subnet mask as 255.255.255.224, or you can express it by using a forward slash at the end of the IP address followed by a number indicating the number of 1s in the subnet mask. In this case, you could express your subnet mask as a /27. This is referred to as CIDR notation.

Since all the other networks are determined by the increment, your networks will be as follows:

192.168.1.0/27

192.168.1.32/27

192.168.1.64/27

192.168.1.96/27

192.168.1.128/27

192.168.1.160/27

192.168.1.192/27

192.168.1.224/27

The host ranges and broadcast addresses can then be determined without any further use of the binary. For example, the 0 network will have 30 hosts in it ranging from 1 to 30, and it will have a broadcast address of 31. The 32 network hosts will range from 33 to 62 with a broadcast address of 63, and so on, through the networks.

You can also check your math by understanding that the number of hosts will always be 2^h – 2, where h is the number of remaining host bits after the subnet bits are determined. In this example, there are five remaining host bits, so the formula will be 2^5 – 2 = 30. Since this matches the number of hosts as determined by the increment, you know you are on the right track!

Now let’s try one that is a little more complicated. Don’t worry, I’ll walk you right through it, and then you will be able to do it yourself. Let’s say you have an IP network of 172.16.0.0 with a subnet mask of 255.255.0.0 and you want to have 60 subnets with as many hosts per subnet as possible. What would the new subnet mask be? How many hosts would you have? What would your networks look like?

You start solving this problem in the same way as the last by noticing where you are beginning in the address, based on the subnet mask. In other words, my first question is always “Where am I?” Since you have a subnet mask here of 255.255.0.0, you are halfway through the address. In other words, you have sixteen 1s followed by sixteen 0s in the subnet mask. The fact that you have sixteen 0s means you have 16 host bits, some of which will be used for subnet bits. The next question is “How many host bits do you need to convert to subnet bits to create the 60 subnets that you need?”

You can answer this question with the same formula as before, 2^s ≥ # of subnets. In this case, 2^s ≥ 60. Solving for s, you determine that s = 6, since 2^6 = 64 and that’s the first number that is higher than 60. Now the question is “Which six?” Remember that you are always moving from left to right, so the six bits that you will use will be the first six in the third octet starting from the left. This means you will change the corresponding bits in the subnet mask from 0s to 1s. This in turn means that the subnet mask number will change to 255.255.252.0, since 128 + 64 + 32 + 16 + 8 + 4 = 252. In other words, when you change the subnet bits to 1s, the values count and change the subnet mask accordingly.

The next question is “How many hosts could you have per network?” A close look at the template should show you that you have 2 host bits left in the third octet and 8 host bits left in the fourth octet. That’s a total of 10 host bits. This means you can have 2^10 – 2 hosts per subnet, or 1,022.

Now you might be wondering how you are going to do that and what the addresses are going to look like when you get finished. Just as before, the first network is always the same network you started with, but it has the new subnet mask, and the rest of the networks are determined by the increment. In this case, your first network is 172.16.0.0 with a subnet mask of 255.255.252.0. The increment is always 256 minus the last nonzero number in the subnet mask. In this case, the increment is 256 – 252 = 4. This means that the first three networks will be as follows:

172.16.0.0/22

172.16.4.0/22

172.16.8.0/22

Notice that I left some blank space between the network addresses. I like to call that space “thinking room,” because you are going to do a lot of thinking in there. It’s rather straightforward to see that the first host in the 172.16.0.0 network will be 172.16.0.1, but where do you go from there to get 1,022 hosts? Imagine an old odometer that actually spins out the tenths of miles. Do you have that in your mind? Now when it gets to nine tenths, think about what happens. The tenths will then go back to 0, the number on the left will increment by 1, and then it will all start over again. Right? That’s the same thing that happens with the IP addresses, except that it’s not 0 to 9 but rather 0 to 255. In this case, when the addresses get to 172.16.0.255, the next number is then 172.16.1.0. Now, here’s the kicker: both of those addresses are valid hosts! In fact, there will be a lot of weird-looking numbers that will be valid hosts as well. So, what is the last host in the 172.16.0.0/22 network? The last host is 172.16.3.254, and the broadcast address is 172.16.3.255. After that, the 172.16.4.0/22 network starts, which has a broadcast address of 172.16.7.255. Use the thinking room, and you will see it.
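The two walkthroughs above (192.168.1.0/24 into eight subnets, and 172.16.0.0/16 into sixty) follow one procedure, so here is a single worked example that carries both through in code. It is an added example written for this page, not code from the book; it uses only Python’s standard ipaddress module and applies the book’s own rules: the smallest s with 2^s ≥ the subnets wanted, the increment of 256 minus the last nonzero mask octet, and 2^h – 2 usable hosts. The function and type names are my own.

```python
"""Subnet planner following the book's procedure (added example, not the book's code).

Given a starting network and the number of subnets wanted, it finds the
smallest s with 2**s >= subnets wanted, turns the leftmost s host bits into
subnet bits, derives the new mask, the increment and the usable host count,
and enumerates every subnet with its host range and broadcast address.
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class SubnetInfo:
    network: str      # CIDR form, e.g. "192.168.1.32/27"
    mask: str         # dotted-decimal subnet mask
    first_host: str
    last_host: str
    broadcast: str    # all host bits set to 1


def ip_to_binary(addr: str) -> str:
    """Render an IPv4 address as four 8-bit groups, the way a router sees it."""
    return " ".join(f"{octet:08b}" for octet in ipaddress.IPv4Address(addr).packed)


def subnet_bits_needed(subnets_wanted: int) -> int:
    """Smallest s such that 2**s >= subnets_wanted (the book's 2^s formula)."""
    s = 0
    while 2 ** s < subnets_wanted:
        s += 1
    return s


def plan_subnets(base_network: str, subnets_wanted: int) -> tuple[str, int, int, list[SubnetInfo]]:
    """Return (new mask, increment, usable hosts per subnet, list of subnets)."""
    base = ipaddress.IPv4Network(base_network, strict=True)
    new_prefix = base.prefixlen + subnet_bits_needed(subnets_wanted)
    if new_prefix > 30:
        raise ValueError("not enough host bits left for usable subnets")
    new_mask = str(ipaddress.IPv4Network(f"0.0.0.0/{new_prefix}").netmask)
    # Increment = 256 minus the last nonzero octet of the mask (the book's rule).
    last_nonzero_octet = [o for o in new_mask.split(".") if o != "0"][-1]
    increment = 256 - int(last_nonzero_octet)
    usable_hosts = 2 ** (32 - new_prefix) - 2        # 2^h - 2
    subnets = [
        SubnetInfo(
            network=str(net),
            mask=str(net.netmask),
            first_host=str(net.network_address + 1),
            last_host=str(net.broadcast_address - 1),
            broadcast=str(net.broadcast_address),
        )
        for net in base.subnets(new_prefix=new_prefix)
    ]
    return new_mask, increment, usable_hosts, subnets


if __name__ == "__main__":
    print(ip_to_binary("192.168.1.1"))
    for base, wanted in (("192.168.1.0/24", 8), ("172.16.0.0/16", 60)):
        mask, inc, hosts, subs = plan_subnets(base, wanted)
        print(f"{base} -> mask {mask}, increment {inc}, {hosts} hosts, {len(subs)} subnets")
        for sub in subs[:3]:
            print(f"  {sub.network:18} hosts {sub.first_host}-{sub.last_host}  bcast {sub.broadcast}")
```

Asking for 60 subnets yields 64, because s must be a whole number of bits; the four spare subnets are the price of the “lowest s that works” rule. When the chosen s would leave fewer than two host bits, the planner refuses rather than producing subnets with no usable host addresses.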

It’s extremely important with today’s networks that you understand IP addressing and subnetting. The quicker you can determine the subnet on which a host resides, the better you will be at network troubleshooting. I hope this has helped you see IP addresses for what they are without having to convert them to binary numbers. With practice, you will be able to see the answers instead of always having to figure them out. I highly recommend you spend some time working on IP address subnetting. One tool that I’ve found invaluable is the website http://subnettingquestions.com. It was created in part by Todd Lammle, a fellow Wiley author. This site is free and offers hundreds of questions and answers. Your challenge is to get the same answer as the site has and to do it as quickly as possible.


APIPA

All client computers since Windows 98 are configured by default to obtain their IP address from a DHCP server. What if a DHCP server is not available? In that case, they are also configured by default to use an address in the range of 169.254.0.1 to 169.254.255.254. These addresses are called Automatic Private Internet Protocol Addressing (APIPA) addresses. The advantage of using APIPA is that the clients in the same network segment that could not obtain a true IP address from a DHCP server can still communicate with each other. The disadvantage is that the clients can communicate with each other but not with the true network. This can lead to some wild troubleshooting for the unseasoned administrator. The bottom line is that when you see an address that begins with 169.254, you can rest assured that it was not obtained from any DHCP server!

Classful A, B, C, D

The early developers of IPv4 established a class-based system of IP addresses that defined five classes of addresses. The engineers wanted to identify the type of class as quickly as possible in the addressing, so they actually did it in the first three bits of the address. Table 1.4 references how this was done and the effect it has on the number of networks and hosts per network. Note that all Class A addresses begin with 000, all Class B addresses begin with 100, all Class C addresses begin with 110, and all Class D addresses begin with 111. Since Class D addresses are used for multicasting and treated in a different way than A, B, or C, the other columns in the table are nonapplicable. Also, there is a class E that begins at 240 in the first octet and is used only for experimental purposes. Therefore, that class is beyond the scope of this text.

Public vs. Private

Unique IP address assignment on the Internet was originally the responsibility of the Internet Assigned Numbers Authority (IANA), but it has been handed over to other organizations that coordinate with each other to make sure that addresses are unique. The current three major organizations for the entire world are divided geographically as follows:

American Registry for Internet Numbers (ARIN): Serves the North American continent and parts of the Caribbean

Asia Pacific Network Information Centre (APNIC): Serves the Asia Pacific region

Réseaux IP Européens Network Coordination Centre (RIPE NCC): Serves Europe, the Middle East, and parts of Africa

Addresses that are assigned by these authorities are referred to as registered, or public, addresses. If you are connecting a computer to the Internet, then you must use an address that has been assigned by one of these authorities. Now I know what you are thinking: “I’m connected to the Internet, and I never contacted any of those organizations.” That’s probably because you use an address that is provided by your Internet service provider (ISP), which obtained the address from one of these authorities. ISPs have large blocks of IP addresses that they can assign to their clients, thereby giving them a valid and unique IP address to use on the Internet. Some large organizations still go through the process of registering for their own address blocks, but most individuals and smaller organizations simply get whatever addresses they need from their ISP.

Private IP addresses are completely different. To understand a network diagram, you have to be able to see the difference between public and private addresses. Public addresses are said to be routable, whereas private addresses are said to be nonroutable. What does this really mean? Is there something wrong with the bits in the private IP addresses that prevent them from being routed? No, the private addresses are actually nonroutable because they are filtered by the routers that would take you from one network to another on the Internet.

But now you may be asking, “How do they know which addresses to filter?” Well, the original designers of the Internet set aside some groups of IP addresses to be used for private addressing. That way, even if two companies were to choose the same addresses and even if neither of them used a firewall, there still could be no conflict because the addresses would never see each other. Table 1.5 lists the addresses that are automatically filtered by routers leading onto the Internet.

Table 1.5 Private IP address ranges

Class   Address range                 Default subnet mask
A       10.0.0.0–10.255.255.255       255.0.0.0
B       172.16.0.0–172.31.255.255     255.255.0.0
C       192.168.0.0–192.168.255.255   255.255.255.0

As always, the full address is determined by the IP address combined with the subnet mask. The important point to remember here is that these are the addresses that are filtered. In reality, you could use any address that you chose for the private IP addressing schemes of your network. However, if we both decided to use a public address on the inside—for example, 14.1.1.1 for a router—then we could possibly see each other and have an address conflict if everything went wrong with the firewalls and other network protection. In other words, we would not be able to rely on the configured filters throughout the Internet. This is why I recommend that you use the private IP addresses that I have listed, and this is why you should know them.

As you can see in Table 1.5, when the first bit of the address was a 0 and the subnet mask was 255.0.0.0, then the address was a Class A address. There aren’t very many Class A addresses, but they sure can have a lot of hosts! These are generally assigned to ISPs, the military, government, and very large corporations.

When the first bit was a 1, the second bit was a 0, and the subnet mask was 255.255.0.0, then the address was a Class B address. There are many more Class B addresses, but they cannot have the tremendous number of hosts that Class A has. These are generally assigned to medium-sized to large corporations and smaller governmental entities.

When the first bit was a 1, the second bit was also a 1, the third bit was a 0, and the subnet mask was 255.255.255.0, then the address was a Class C address. There are a great number of Class C addresses, but each one can contain only 254 hosts. These were originally used for small companies and very small government entities.
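As an added example (not the book’s code), the following classifier applies the rules from the APIPA, classful and public-vs-private discussions above to any IPv4 address: it reads the class from the leading bits of the first octet as Table 1.4 lays them out, looks up the default classful mask, and reports whether the address is private (Table 1.5), APIPA, loopback, multicast, experimental or public. The loopback range 127.0.0.0/8 and the APIPA range 169.254.0.0/16 are standard reserved ranges that are not in the page’s tables; the names classify, ipv4_class and AddressInfo are my own. This is the check a troubleshooter wants when an address “looks wrong” on a host: a 169.254 address means DHCP never answered, and a public address on an inside interface means you are relying on filters you do not control.

```python
"""IPv4 address classifier (added example, not the book's code).

Class comes from the high-order bits of the first octet (Table 1.4);
scope comes from the private ranges of Table 1.5 plus the standard
APIPA (169.254.0.0/16) and loopback (127.0.0.0/8) ranges.
"""
import ipaddress
from dataclasses import dataclass

PRIVATE_RANGES = [                         # Table 1.5 (the RFC 1918 ranges)
    ipaddress.IPv4Network("10.0.0.0/8"),
    ipaddress.IPv4Network("172.16.0.0/12"),
    ipaddress.IPv4Network("192.168.0.0/16"),
]
APIPA_RANGE = ipaddress.IPv4Network("169.254.0.0/16")
LOOPBACK_RANGE = ipaddress.IPv4Network("127.0.0.0/8")

DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0", "D": "NA", "E": "NA"}


@dataclass(frozen=True)
class AddressInfo:
    address: str
    klass: str         # "A", "B", "C", "D" or "E"
    default_mask: str  # classful mask, or "NA" for D and E
    scope: str         # public, private, apipa, loopback, multicast or experimental


def ipv4_class(first_octet: int) -> str:
    """0xxxxxxx -> A, 10xxxxxx -> B, 110xxxxx -> C, 1110xxxx -> D, 1111xxxx -> E."""
    if first_octet & 0b1000_0000 == 0:
        return "A"
    if first_octet & 0b1100_0000 == 0b1000_0000:
        return "B"
    if first_octet & 0b1110_0000 == 0b1100_0000:
        return "C"
    if first_octet & 0b1111_0000 == 0b1110_0000:
        return "D"
    return "E"


def classify(addr: str) -> AddressInfo:
    """Return class, default classful mask and scope for a dotted-decimal IPv4 address."""
    ip = ipaddress.IPv4Address(addr)
    klass = ipv4_class(ip.packed[0])
    if klass == "D":
        scope = "multicast"
    elif klass == "E":
        scope = "experimental"
    elif ip in LOOPBACK_RANGE:
        scope = "loopback"
    elif ip in APIPA_RANGE:
        scope = "apipa"          # self-assigned: no DHCP server answered
    elif any(ip in net for net in PRIVATE_RANGES):
        scope = "private"        # filtered by Internet-facing routers
    else:
        scope = "public"
    return AddressInfo(str(ip), klass, DEFAULT_MASKS[klass], scope)


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.31.255.1", "172.32.0.1", "192.168.1.1",
                   "169.254.10.20", "14.1.1.1", "224.0.0.9", "127.0.0.1"):
        info = classify(sample)
        print(f"{info.address:15} class {info.klass}  mask {info.default_mask:15} {info.scope}")
```

Note that 172.32.0.1 is a Class B address but is public: the private Class B block is only 172.16.0.0 through 172.31.255.255, a 12-bit prefix, which is a common mistake when writing filter rules by class rather than by range.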

Classless (CIDR)

Now that you know about the subnet mask, I can talk about classful addressing vs. classless addressing. The first thing to remember is that the names for these can throw you off track if you aren’t careful. Logically, it might seem that classful would be better than classless. However, this is not always true, and it isn’t true either that classless is always better than classful. It depends on what you are trying to accomplish in your network.

Classful addressing takes its name because the first octet of the address determines the subnet mask that will be used, and therefore the subnet mask does not have to be, and is not, advertised by the routers in the routing protocols. In other words, referring to the information in Table 1.5, you will notice that an address that has 1 to 126 in the first octet would be considered a Class A address if it had a subnet mask of 255.0.0.0. With classful addressing, that’s its only choice; the subnet mask is always assumed to be the one that corresponds with its first octet address.

This has the effect of limiting some network designs that otherwise could have used, for example, networks 172.16.1.0 and 172.16.2.0 with other networks between them. This cannot be done because the classful routing protocols will assume both of the networks to be 172.16.0.0 because of the assumed mask of 255.255.0.0. This will result in a network scheme that will not function properly.

Now let’s say you have a routing protocol that actually takes into account the address and subnet mask you assigned to the interface. Wouldn’t that be nice? In that case, you could specify the networks 172.16.1.0 and 172.16.2.0 by assigning the subnet mask of 255.255.255.0 to each rather than the classful subnet mask of 255.255.0.0.

If the protocol could advertise the address along with the subnet mask, then you could use these two networks even if you had other networks between them because they would be seen as two unique networks. This type of addressing is used in today’s networks because it allows for more complex networking schemes that can make more efficient use of the available IP addresses. This type of routing is referred to as Classless Inter-Domain Routing (CIDR), and it’s used by most ISPs and large organizations to simplify IP addressing and make more efficient use of the addresses they have.

MAC Address Format

The following is a MAC address on my computer:

00‐18‐DE‐08‐6E‐14

If you examine this address closely against Table 1.4, you will note that its binary equivalent is the following:

0000 0000 – 0001 1000 – 1101 1110 – 0000 1000 – 0110 1110 – 0001 0100

In other words, the MAC address is actually a 48-bit binary address that is represented as hexadecimal. Figure 1.43 illustrates the structure of a MAC address. The first 2 bits on the left (high order) represent whether the address is broadcast and whether it is local or remote. The next 22 bits are assigned to vendors that manufacture network devices, such as routers and NICs. This is the organizational unique identifier (OUI). The next 24 bits should be uniquely assigned with regard to the OUI. In other words, if I am HP and I have already used a specific hexadecimal number with one of my OUIs, then I should not use it again. In this way, each NIC has an address that is as unique as a person’s fingerprint.

Figure 1.43 The structure of a MAC address

[Figure: a 48-bit MAC address divided into a 22-bit OUI field and a 24-bit vendor-assigned field, preceded by two 1-bit flags labeled Broadcast and Local.]

The main point to remember about MAC addresses is that they should be unique within the network in which they are to be used. This means that if one is assigned to a NIC, it should be unique within the whole world, but if a MAC address is functioning only on an interface within your LAN, then you should just ensure that it’s unique within your LAN. Sometimes administrators may change the MAC address on a router interface, for example, to facilitate a behavior of another protocol. These types of changes are beyond the scope of this book.
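The parser below is an added example, not the book’s code, and it splits the book’s own MAC address 00-18-DE-08-6E-14 into the pieces Figure 1.43 describes: the two flag bits, the OUI and the vendor-assigned part. One detail the code assumes that the figure does not spell out: Ethernet transmits each octet least-significant bit first, so the two flag bits that go first on the wire are, in the written hex form, the two low-order bits of the first octet (bit 0 is the I/G bit, set for multicast and broadcast destinations; bit 1 is the U/L bit, set for locally administered addresses such as one an administrator changed by hand). The OUI is reported as the full first three octets, which is how the IEEE registers it. Names such as MacInfo and analyze_mac are my own.

```python
"""MAC address parser (added example, not the book's code).

Splits a 48-bit MAC into its flag bits, OUI and vendor-assigned part.
In the written hex form the I/G (individual/group) flag is bit 0 of the
first octet and the U/L (universal/local) flag is bit 1, because Ethernet
sends each octet least-significant bit first.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class MacInfo:
    canonical: str        # "00-18-DE-08-6E-14"
    binary: str           # nibble groups, as printed in the book
    is_group: bool        # I/G bit set: multicast or broadcast destination
    is_local: bool        # U/L bit set: locally administered (e.g. changed by an admin)
    is_broadcast: bool    # FF-FF-FF-FF-FF-FF
    oui: str              # first three octets, as registered with the IEEE
    vendor_assigned: str  # last three octets, unique within that OUI


def parse_mac(text: str) -> bytes:
    """Accept 00-18-DE-08-6E-14, 00:18:de:08:6e:14 or 0018.de08.6e14; return the 6 raw bytes."""
    hexdigits = re.sub(r"[-:.]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", hexdigits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(hexdigits)


def _fmt(octets: bytes) -> str:
    return "-".join(f"{b:02X}" for b in octets)


def analyze_mac(text: str) -> MacInfo:
    """Decode the flag bits and the OUI / vendor split of a MAC address."""
    raw = parse_mac(text)
    first = raw[0]
    return MacInfo(
        canonical=_fmt(raw),
        binary=" - ".join(f"{b >> 4:04b} {b & 0xF:04b}" for b in raw),
        is_group=bool(first & 0x01),
        is_local=bool(first & 0x02),
        is_broadcast=raw == b"\xff" * 6,
        oui=_fmt(raw[:3]),
        vendor_assigned=_fmt(raw[3:]),
    )


if __name__ == "__main__":
    # The book's address, the broadcast address, an IPv4 multicast MAC and a
    # locally administered address (the last two are constructed samples).
    for mac in ("00-18-DE-08-6E-14", "ff:ff:ff:ff:ff:ff", "0100.5e00.0009", "02-00-00-00-00-01"):
        info = analyze_mac(mac)
        print(info.canonical, "group" if info.is_group else "unicast",
              "local" if info.is_local else "global", "OUI", info.oui)
```

A frame whose source MAC has the I/G bit set, or whose source OUI belongs to no known vendor, is worth a second look in captures: a source address is supposed to be an individual, globally administered address, and a locally administered source is often the footprint of a deliberately changed address.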

Multicast vs. Unicast vs. Broadcast

Three major types of addressing schemes are used on IPv4 networks. These are unicast, multicast, and broadcast. Each type has its own place in the network. Let’s look at each of these types of network addressing schemes:

Unicast

Of the three types of addressing schemes used in IPv4, unicast is the most simple and straightforward. A packet (Layer 3) or frame (Layer 2) is said to have a unicast address if it has one source address and one destination address. If we are discussing packets, then the source and destination addresses are of a Layer 3 protocol, likely IP. If we are discussing Ethernet frames, then the source and destination addresses of a Layer 2 protocol are MAC addresses. In either case, the devices need to determine only the correct unique destination address to send the packet.

Multicast

Multicast addressing can be much more complex than unicast. With multicast addressing there is still only one source address; however, there can be multiple destination addresses. In other words, the frame or packet basically carries a list of destination addresses with it, and each device checks to see whether it is on the list when it sees the data. Multicasting is especially useful for applications that send voice and video through network systems. Multicast addressing uses specialized protocols such as Internet Group Multicast Protocol (IGMP) to create and carry the list. The IP addresses carried by IGMP can be mapped to MAC addresses for Layer 2 multicasting.
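The paragraph above says the group addresses that IGMP carries can be mapped to MAC addresses for Layer 2 multicasting. The code below, an added example rather than the book’s, shows that standard mapping (RFC 1112): the low-order 23 bits of the Class D address are placed behind the fixed prefix 01-00-5E, whose first octet has the I/G bit set. Because a Class D address has 28 variable bits and only 23 survive, five bits are discarded and 32 different groups share one Ethernet address, which is why a NIC or switch filtering on the MAC alone will still pass frames for groups nobody joined. 224.0.0.9 is used in the demo because it is the group RIPv2 advertises to; the function names are my own.

```python
"""IPv4 multicast group to Ethernet MAC mapping (added example, not the book's code).

RFC 1112 mapping: 01-00-5E followed by the low-order 23 bits of the
Class D address. Five bits of the group address are lost, so 32 groups
map to the same MAC.
"""
from __future__ import annotations

import ipaddress

MCAST_MAC_PREFIX = 0x01005E000000     # 01-00-5E-00-00-00; first octet has the I/G bit set
LOW23_MASK = 0x7FFFFF


def multicast_mac(group: str) -> str:
    """Ethernet destination MAC for an IPv4 multicast (Class D) group."""
    ip = ipaddress.IPv4Address(group)
    if not ip.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast (Class D) address")
    mac = MCAST_MAC_PREFIX | (int(ip) & LOW23_MASK)
    return "-".join(f"{(mac >> shift) & 0xFF:02X}" for shift in range(40, -1, -8))


def groups_sharing_mac(group: str) -> list[str]:
    """All 32 Class D addresses whose frames arrive with the same MAC as `group`."""
    low23 = int(ipaddress.IPv4Address(group)) & LOW23_MASK
    class_d_base = int(ipaddress.IPv4Address("224.0.0.0"))
    # The five discarded bits sit directly above the 23 kept bits (bits 23..27).
    return [str(ipaddress.IPv4Address(class_d_base | (hi << 23) | low23)) for hi in range(32)]


if __name__ == "__main__":
    for group in ("224.0.0.9", "239.255.255.250"):
        print(f"{group:16} -> {multicast_mac(group)}")
    print("groups colliding with 224.0.0.9:", ", ".join(groups_sharing_mac("224.0.0.9")[:4]), "...")
```

The practical consequence for the receiving host is that the IP layer, not the NIC, makes the final decision: a frame for 01-00-5E-00-00-09 may carry a packet for 225.0.0.9 or 239.128.0.9 just as well as for 224.0.0.9.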

Broadcast

Broadcast addressing is similar to just standing in a room yelling out a person’s name or an announcement. Anyone in the room with the name you yelled who hears you would be likely to respond, but everyone in the room would be disturbed in the process. On the other hand, if the announcement were actually intended for everyone in the room, then you would have accomplished your goal.

Broadcasting is accomplished by using an address that directs the data to all the members of a network or subnet. Every IPv4 network or subnet has a broadcast address, which is the last numerical address before the next network. In the binary form of a broadcast address, you will notice that all the host bits are 1s. For example, the broadcast address of the network 192.168.1.0/27 is 192.168.1.31. As you can see, the host address portion is 31 in dotted decimal, which is 11111 in binary.

Some services in an IPv4 network work by broadcasts, such as DHCP and even ARP. That said, broadcasts are typically thought of as bad and to be avoided whenever possible. IPv6 uses a different form of addressing referred to as anycast to avoid using broadcasts and provide other specialized services. This is beyond the scope of this chapter and is not listed as an objective on the current exam.

Broadcast Domains vs. Collision Domains

The main defining difference between broadcast domains and collision domains is the device that creates them. A collision domain that is created by a hub does not segment traffic but instead lets all of the devices fight for the same “wire” and therefore allows for the possibility of collisions. Since we don’t use hubs much (if any) anymore, but instead we use switches, the problem created by having more than one connection on the same “wire” is eliminated. In essence, switches eliminate collisions by creating more collision domains. In fact, each communication of two devices through a group of switches will use its own collision domain.

In contrast, broadcast domains are created by routers and Layer 3 devices. These broadcast domains are also referred to as networks or sometimes subnets, and they are defined by an IP address schema. A message that is sent to the broadcast address of a broadcast network will be received by all devices within the network. Ironically, the more broadcast domains that you have in your network, the less trouble you should have with broadcasts.

Exam Essentials

Know the addressing schema of an IPv6 address. An IPv6 address consists of 128 bits that are represented in hexadecimal characters. Each set of 16 bits is separated by a colon. Address compression is used to shorten the addresses when successive zeros are used in the real address. You can use manual address assignment, auto-configuration, or DHCPv6 to configure IPv6 on your network. You don’t have to change everything at once because many tunneling mechanisms can be used, so you can have both IPv6 and IPv4 on your network at the same time.


Know the addressing schema of IPv4. IPv4 addresses consist of 32 bits that are represented with dotted decimal format. There are specific classes of addresses that were originally intended for specific size organizations, but now private and public subnetting methods are employed to make more efficient use of the IP addresses. You can convert private addresses to public addresses, and vice versa, using NAT and PAT.

Know the three major types of addressing schemes. Unicast has one source address and one destination address. Broadcast has one source address and all listening devices as a destination address. Multicast has one source address and a range or list of destination addresses.

1.9 Explain the Basics of Routing Concepts and Protocols

Today’s networks are not your father’s network. Networks continue to evolve, and what we want to do on them continues to evolve. We are placing very fast computers on our networks now and expecting to receive reports, email, chat, music, videos, games, and so forth—often all at once! Because of these challenges, network administrators have to rely on newer and better technologies to both control traffic and to provide security for a network. However, one of the major components that we use for our network is the same today as it was many years ago, namely, the router. In this section, I will discuss the many protocols that have evolved over time that control and enhance our use of the router.

Routing Loops

Routing loops are not tools, but instead are actually issues that should be avoided in your network. Improperly configured static routes and dynamic routing protocols can cause packets to take a very long path to a destination by directing them into a loop and causing them to go the long way around a network instead of just taking the best path. Properly configured static routes and dynamic routing protocols avoid routing loops by ensuring that only the most efficient paths are used. Because of this, it’s important for a network admin to understand how to interpret routing tables and how to configure dynamic routing protocols.

Routing Tables

Simply put, routers really do only two things: either they deliver a packet to an intended destination host if that host is on one of the subnets for which they have an active interface or they consult their routing table to determine what to do next. Table 1.6 is a simple illustration of a RIPv2 routing table using hop count. This is actually a Reader’s Digest version of what you might see in a Cisco router, but you get the point. As you can see, the router that contains this table knows how to get to other networks by virtue of the table. In other words, a packet that comes into this router that is destined for the 10.1.0.0 network will be sent out of a different interface from one that is destined for the 192.168.1.0 network.

Table 1.6 RIPv2 hop count

Destination network   Subnet mask     Interface   Metric (hop count)
10.1.0.0              255.255.0.0     S0          1
192.168.1.0           255.255.255.0   S1          1
172.16.0.0            255.255.0.0     S1          2

Static vs. Dynamic Routes

Along with all of this discussion of dynamic routing protocols, we should also mention that it’s entirely possible for you to configure your own settings in regard to the network tables. The method you use depends on the vendor of the router, but the general principle is the same. Although it would likely not be to your advantage to reconfigure the tables with every network change, sometimes a specific static configuration might be advantageous. These static configuration tweaks are usually for the purpose of enhancing security, ensuring the reliability of a link, or forcing the system to do something that it otherwise would not do.

Default Route The default route, also called the default gateway when it's configured on a computer or switch, determines where the device sends data for a remote network when the table has no other entry for that network. On a host, this is generally the address of a router interface on the local subnet, because that router provides access to the outside world; on a router, it is the next hop toward the Internet or the network core. It's important that the default route be configured properly; otherwise traffic will take the wrong path (or be dropped for lack of any matching route) and network communication will be affected negatively.
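To make the lookup concrete, here is a small Python model of Table 1.6 with a default route added. This is an added example written for this edition, not code from the book; interface S2 for the default route and the addresses looked up are constructed. It shows the longest-prefix rule, the default route acting as the catch-all, and what a more specific static route does to traffic for part of a /16:

```python
import ipaddress

# Routing table modelled on Table 1.6, plus a default route.
# Interface S2 for the default route is a constructed addition, not from the table.
# Entries: (destination network, outgoing interface, metric).
TABLE_1_6 = [
    (ipaddress.ip_network("10.1.0.0/16"), "S0", 1),
    (ipaddress.ip_network("192.168.1.0/24"), "S1", 1),
    (ipaddress.ip_network("172.16.0.0/16"), "S1", 2),
]
DEFAULT_ROUTE = (ipaddress.ip_network("0.0.0.0/0"), "S2", 0)  # 0.0.0.0/0 matches every address


def lookup(table, destination):
    """Longest-prefix match: return (network, interface) of the most specific entry
    that contains the destination, or None when nothing matches (packet is dropped)."""
    dst = ipaddress.ip_address(destination)
    best = None
    for net, iface, _metric in table:
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best


def next_interface(table, destination):
    """Just the outgoing interface name, or 'drop' when the table has no matching route."""
    match = lookup(table, destination)
    return match[1] if match else "drop"


def with_static(table, cidr, iface):
    """Return a new table with an administrator-entered (static) route added."""
    return table + [(ipaddress.ip_network(cidr), iface, 0)]


if __name__ == "__main__":
    full = TABLE_1_6 + [DEFAULT_ROUTE]
    for dst in ("10.1.2.3", "172.16.9.9", "8.8.8.8"):
        print(dst, "->", next_interface(full, dst))
    # A more specific static route wins over the /16 learned by RIPv2, but only for its own range.
    tweaked = with_static(full, "172.16.5.0/24", "S0")
    print("172.16.5.1 ->", next_interface(tweaked, "172.16.5.1"))
    print("172.16.9.9 ->", next_interface(tweaked, "172.16.9.9"))
    # Without a default route, unknown destinations are dropped rather than forwarded.
    print("8.8.8.8 without default ->", next_interface(TABLE_1_6, "8.8.8.8"))
```

Note that a real router also compares administrative distance before two routes to the same prefix ever reach the table; this model only shows the forwarding decision once the table is built.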

Distance Vector Routing Protocols (RIPv2) Routing Information Protocol (RIP) is one of the first routing protocols. As you can imagine, being first in regard to technology does not necessarily mean being the best. In fact, RIPv1 is now considered obsolete and has been replaced by more sophisticated routing protocols, such as RIPv2, OSPF, and IS-IS.

The principal reasons for RIP's demise are that it is a chatty protocol in which every router broadcasts everything it knows about every network every 30 seconds, and that it uses a hop count metric that doesn't take the bandwidth of a connection into account. Finally, RIPv1, commonly referred to simply as RIP, is classful, which means it provides no way to advertise the true subnet mask of a network. In today's varied networks, this type of routing protocol does not have the intelligence needed to route packets efficiently.

RIPv2 solves some of the problems associated with RIPv1 but not all of them. It still sends its whole table every 30 seconds, but to the multicast address 224.0.0.9 rather than to the broadcast address, so only routers that run RIPv2 have to process the updates. This provides for much more efficient use of network bandwidth. In addition, it carries the subnet mask with every route, so it can be configured to be classless and used on more complex networks with variable-length subnet masks. RIPv2 also adds authentication of updates (a plaintext password or, on most implementations, an MD5 keyed hash); enable it, because an unauthenticated router accepts routes from any device on the segment.

RIPv2, however, still uses only a hop count metric. Because of this limitation, it cannot be used effectively in today's networks that provide redundant and sometimes varied-speed connections from point to point. By today's standards it is therefore also considered a legacy routing protocol, although it remains in use on small networks. Its maximum usable hop count is 15; a route with a hop count of 16 is treated as unreachable, which is how RIP keeps a loop from growing forever.

Hybrid Routing Protocols (EIGRP) Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco proprietary protocol that combines the ease of configuration of distance vector routing protocols such as RIP or RIPv2 with the advanced features and fast convergence of link state protocols. It is said to be a distance vector routing protocol with link state attributes. It can also be considered an advanced distance vector routing protocol or a hybrid routing protocol.

EIGRP uses a much more sophisticated metric than RIP or RIPv2. This metric includes the bandwidth of a connection and the delay, a fixed value configured on each interface (not a measurement) that represents how long traffic is expected to take to cross that link. It can also be tweaked by an administrator to include load and reliability factors. Because of its more sophisticated metric, EIGRP is well suited for small, medium, and even large networks. The only possible disadvantage to EIGRP is that it is Cisco proprietary and therefore operates only on Cisco routers and Cisco Layer 3 switches.

Link State Routing Protocols (OSPF, IS-IS) Open Shortest Path First (OSPF) is by far the most common link state routing protocol in use today. OSPF is so named because it is an open protocol. In other words, it's not proprietary, and it uses the Shortest Path First (SPF) algorithm developed by Dijkstra to compute the best path from a complete map (the link state database) of the area.

The principal advantages of this protocol include that it is quiet on the network, unlike the chatty protocols that preceded it, because it sends an update only when something changes rather than re-advertising everything on a timer, and that it converges very rapidly when there is a change in the network. In other words, when the tables need to change to control network traffic, it makes that happen very fast, usually within a few seconds. Because of these advantages, OSPF can be used on small, medium, and large networks. Like RIPv2, OSPF can authenticate its packets (plaintext or MD5), and it should, so that a rogue device cannot join the area and advertise routes.

Another link state protocol that bears a brief mention is Intermediate System to Intermediate System (IS-IS). This is a routing protocol that was designed to work with very large network schemes, such as those used by Internet service providers. It determines the best route for each packet through a packet-switched network. Like OSPF, it is an open standard (ISO 10589) that is not proprietary to any single vendor, and it also uses Dijkstra's algorithm. Unlike OSPF, IS-IS runs directly over the data link layer rather than over IP, which is one reason service providers favor it.

Table 1.7 provides a view of the classifications and attributes of the most common routing protocols. Please note that in this table, all mentioned protocols are interior gateway protocols (IGP), which means they are configured under one autonomous system (AS) or management domain. You should also know that all of the most common routing protocols used today are classless, which means that they can be configured to advertise a custom subnet mask. Pay closest attention in the table to the differences in regard to open vs. proprietary and link state vs. distance vector vs. hybrid. The AD column lists the Cisco default administrative distance, which is explained under Routing Metrics later in this section.

TABLE 1.7 Routing protocol classification

Routing protocol   IGP/EGP   Proprietary/Open   AD    LS/DV/Hybrid
RIPv2              IGP       Open               120   DV
EIGRP              IGP       Proprietary        90    Hybrid
OSPF               IGP       Open               110   Link State
IS-IS              IGP       Open               115   Link State

IGP vs. EGP All the routing protocols I've discussed thus far have been interior gateway protocols (IGPs). Another routing protocol, Border Gateway Protocol (BGP), is an exterior gateway protocol (EGP). Understanding the difference depends on your knowledge of an autonomous system. An autonomous system is a group of devices under the same administrative domain. If a routing protocol works within one autonomous system, it is considered to be an IGP. If it works across autonomous systems, in effect connecting them, then it is considered to be an EGP. That's all there is to it, so don't make it any harder than it really is. The only EGP that you should be concerned with today is BGP; all of the rest are IGPs.

Route Redistribution Suppose that you use more than one type of routing protocol in your organization. In that case, it may be necessary for one routing protocol to share what it has learned with another routing protocol or, in other words, redistribute the routes. Route redistribution might also be used to add static routes or directly connected routes to the information contained in routing updates received from various routing protocols. Because the metrics of two protocols aren't comparable, a redistributed route is given a seed metric on the way in, and redistributing in both directions between two protocols without filtering is a classic way to create a routing loop.

Loopback Interface A loopback interface is a virtual interface on a router. Because it is not tied to any physical port, it cannot go down as long as the router itself is up, so it is used wherever an address must be reachable at all times: a management address, the source or endpoint of a tunnel, or the address used to establish a router's ID, such as in OSPF (which, absent an explicit router-id, takes the highest loopback address). Traffic sent to a loopback address is handled by the router itself rather than forwarded on, which is what "looping it back" means here. The precise configuration of loopback interfaces is beyond the scope of this text.


High Availability Since routers stitch your network together and connect it to other networks, it would not be good if one were to fail and there was nothing to take its place. Therefore, we often employ high-availability methods to prevent the failure of a router from causing a long-term connectivity issue. The three most common high-availability solutions for routers are VRRP, virtual IP, and HSRP.

VRRP Virtual Router Redundancy Protocol (VRRP) is an open standard (RFC 3768 for VRRPv2) that lets a team of physical routers present a single virtual router, with its own virtual IP address and virtual MAC address, to the hosts on a segment. Hosts use the virtual IP as their default gateway and never learn which physical router is behind it. The physical router that is forwarding packets for the virtual address at any given time is referred to as the master router; it sends periodic advertisements, and if the backups stop hearing them, the backup with the highest priority takes over the virtual address. Advertisements go to a multicast group on the local segment, so authenticate them where the platform supports it and keep them off untrusted ports: whichever router advertises the highest priority becomes the gateway for everyone on that segment.

Virtual IP Virtual IP is a similar concept to VRRP but not as elaborate. It simply consists of an IP address that is assigned to a team of devices (in this case routers) so that traffic sent to the virtual IP address may be handled by any one of the devices behind it. These devices are often load-balanced to increase traffic throughput, but they also increase reliability, since there is more than one physical device (in this case a router) associated with that IP address.

HSRP Hot Standby Router Protocol (HSRP) is a Cisco proprietary router redundancy protocol that establishes a fault-tolerant default gateway. A group of routers shares a virtual IP and MAC address; one router is active and forwards the traffic while a standby router listens to its hello messages. When the hellos stop, because the active router went down or because an interface it was tracking failed, the standby takes over the virtual address automatically. HSRP is not a routing protocol but more of a recovery mechanism. Like VRRP, it selects the active router by priority and supports authentication of its hellos; enable that authentication for the same reason.
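As an added example (written for this edition, not code from the book), here is a small Python model of the election and failover behaviour that VRRP and HSRP share: highest priority wins, the highest IP address breaks a tie, the router that owns the virtual IP as a real address is forced to priority 255, and preemption decides whether a recovered router takes the role back. The timer values follow VRRPv2 (RFC 3768); the team of routers, their addresses and priorities are constructed.

```python
import ipaddress

ADVERT_INTERVAL = 1.0  # seconds; the VRRPv2 default advertisement interval (RFC 3768)


def skew_time(priority):
    """Skew_Time = (256 - Priority) / 256 seconds, so higher-priority backups notice a dead master first."""
    return (256 - priority) / 256


def master_down_interval(priority):
    """How long a backup waits without an advertisement before declaring the master down."""
    return 3 * ADVERT_INTERVAL + skew_time(priority)


def effective_priority(router, vip):
    """A router whose real interface address is the virtual IP (the 'owner') always has priority 255."""
    return 255 if router["ip"] == vip else router["priority"]


def elect_master(routers, vip):
    """Highest effective priority wins; ties go to the highest IP address. None if no router is up."""
    up = [r for r in routers if r["up"]]
    if not up:
        return None
    winner = max(up, key=lambda r: (effective_priority(r, vip), int(ipaddress.ip_address(r["ip"]))))
    return winner["name"]


class VrrpGroup:
    """A virtual router (one VRID, one virtual IP) shared by a team of physical routers."""

    def __init__(self, vrid, vip, routers, preempt=True):
        self.vrid, self.vip, self.preempt = vrid, vip, preempt
        self.routers = [dict(r) for r in routers]
        self.master = elect_master(self.routers, vip)

    def set_up(self, name, up):
        """Mark a physical router as alive or dead, then re-run the election."""
        for r in self.routers:
            if r["name"] == name:
                r["up"] = up
        return self.reelect()

    def reelect(self):
        current = next((r for r in self.routers if r["name"] == self.master), None)
        if current and current["up"] and not self.preempt:
            return self.master  # preempt disabled: a live master keeps the role
        self.master = elect_master(self.routers, self.vip)
        return self.master


# Constructed team: R1 is preferred; R2 and R3 tie on priority, so R3's higher address breaks the tie.
TEAM = [
    {"name": "R1", "ip": "10.0.0.1", "priority": 120, "up": True},
    {"name": "R2", "ip": "10.0.0.2", "priority": 100, "up": True},
    {"name": "R3", "ip": "10.0.0.3", "priority": 100, "up": True},
]


def failover_sequence(preempt=True):
    """Master after startup, after R1 dies, and after R1 returns."""
    group = VrrpGroup(vrid=1, vip="10.0.0.254", routers=TEAM, preempt=preempt)
    return [group.master, group.set_up("R1", False), group.set_up("R1", True)]


if __name__ == "__main__":
    print("preempt on :", failover_sequence(True))    # ['R1', 'R3', 'R1']
    print("preempt off:", failover_sequence(False))   # ['R1', 'R3', 'R3']
    print("R2 declares R1 down after", master_down_interval(100), "seconds of silence")
```

The preempt flag is the behavioural difference worth remembering: VRRP preempts by default, while HSRP does not unless it is configured to, so on HSRP a recovered primary stays standby until told otherwise.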

Route Aggregation Also referred to as supernetting, route aggregation is a method of using one address that actually refers to multiple addresses or even a block of addresses. It is based on the same principles that we discussed in regard to subnetting, but in reverse. Whereas subnetting always moves the prefix boundary from left to right, route aggregation moves it from right to left. For example, 192.168.0.0/16 is an aggregate address for the 256 /24 networks ranging from 192.168.0.0/24 to 192.168.255.0/24. Look at Table 1.4 again and work it the other way, and you'll see that moving the boundary 8 bits to the left aggregates 2^8 (256) networks. Aggregate only address space you actually route: an aggregate attracts traffic for every address it covers, including any networks in the block that you don't have.
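The arithmetic above, as an added Python example (not from the book) using the standard library's ipaddress module; the two input sets are constructed. It collapses the 256 /24s into the /16, shows how one missing /24 breaks the aggregate into several prefixes, and computes exactly which address space a single covering /16 would over-advertise:

```python
import ipaddress


def aggregate(cidrs):
    """Collapse prefixes into the smallest set of supernets that covers exactly the input."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def covering_supernet(cidrs):
    """The single shortest prefix that contains every input network (may cover more than the input)."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    cand = nets[0]
    while not all(n.subnet_of(cand) for n in nets):
        cand = cand.supernet()  # move the prefix boundary one bit to the left
    return str(cand)


def over_advertised(cidrs):
    """Address space the covering supernet announces that is NOT in the input: traffic for these
    would be attracted to this router even though it has no route for them."""
    nets = list(ipaddress.collapse_addresses(ipaddress.ip_network(c) for c in cidrs))
    remaining = [ipaddress.ip_network(covering_supernet(cidrs))]
    for n in nets:
        updated = []
        for r in remaining:
            if n.subnet_of(r):
                updated.extend(r.address_exclude(n))  # carve n out of r
            elif not r.subnet_of(n):
                updated.append(r)                     # untouched (r inside n is simply dropped)
        remaining = updated
    return [str(r) for r in ipaddress.collapse_addresses(remaining)]


# Constructed inputs: all 256 /24s under 192.168.0.0, and the same set with 192.168.7.0/24 missing.
ALL_256 = [f"192.168.{i}.0/24" for i in range(256)]
MISSING_ONE = [c for c in ALL_256 if c != "192.168.7.0/24"]


if __name__ == "__main__":
    print(aggregate(ALL_256))            # ['192.168.0.0/16']: 8 bits to the left = 2**8 networks
    print(len(aggregate(MISSING_ONE)))   # 8: a gap forces several prefixes
    print(covering_supernet(MISSING_ONE), over_advertised(MISSING_ONE))
```

The usual answer to the over-advertising case is to announce the /16 anyway and install a discard (Null0) route for the aggregate on the advertising router, so traffic for the missing /24 is dropped there instead of wandering toward the default route.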

Routing Metrics Some routing protocols are much smarter than others. By this I don't mean that you are smarter if you use one or the other but that the routing protocol itself makes more intelligent decisions. The data that a routing protocol uses to choose between paths is referred to as its routing metric. Different routing protocols use different routing metrics. The exam objectives group the following six items under routing metrics, although, strictly speaking, administrative distance is a measure of trust in a route's source rather than a metric, and SPB is a Layer 2 standard. They are as follows:

Hop Counts A hop is the process of a packet passing through a router, in one interface and out another, into a new network or subnet. It's just more fun to say that it "hopped" over the router and into the next network. Routing protocols that only use hop counts, such as RIP and RIPv2, are of limited intelligence because they don't take into account the bandwidth of each link or the traffic currently on it. One hop is equal to any other, regardless of the bandwidth of each option.

MTU, Bandwidth, Delay Maximum transmission unit (MTU) is a value that is carried by EIGRP but not actually used in the calculation of the best route. It can be considered a legacy metric that signifies the largest packet that can be sent over the entire route. With today's modern networks, it is no longer needed. The two metrics EIGRP actually uses by default are bandwidth and delay. Bandwidth is defined as the lowest configured bandwidth of any interface in a proposed route. This is similar to the idea that "the weakest link in a chain determines its strength!" Delay is the sum of the delay values configured on the interfaces along the path; each is a fixed per-interface number (in microseconds) that represents how long traffic is expected to take to cross that link, not a live measurement. These types of metrics offer greater intelligence and usually better routing decisions than hop counts can.

Costs Whereas EIGRP uses bandwidth and delay to make decisions, link state routing protocols such as OSPF use a metric referred to as cost. With OSPF, cost is calculated by taking 10 to the power of 8 (the reference bandwidth) and dividing it by the bandwidth of the interface in bits per second. By this calculation, a connection with a bandwidth of 100 Mbps has a cost of 1. Note that with the default reference bandwidth a 1 Gbps or 10 Gbps link also gets a cost of 1, so on faster networks the reference bandwidth should be raised (on Cisco, auto-cost reference-bandwidth) on every router in the area so that the faster links are actually preferred. Cost is a relatively simple metric, but since the shortest-path tree is recomputed for the whole area whenever something changes, it can be resource intensive in a complex and dynamic network.

Latency Latency is very similar to delay when used with respect to routing. It defines the amount of time that it takes for a packet to travel from a source to a destination. The difference is that while delay is specifically a routing metric, latency is a term that is also used outside of routing, such as with hard drives or memory. The assumption is that something else is waiting for the data to arrive and that the less time it waits, the faster everything else can move.

Administrative Distance The administrative distance (AD) of a particular route is an indication of the trustworthiness of its source, with the lowest AD indicating the most trustworthy route. It comes into play when more than one routing protocol or method (static or connected) is advertising a path to the same destination and the paths differ; metrics are only compared between routes from the same source. In such cases the route that will be believed will be the one with the lowest AD. Table 1.7 earlier in this chapter shows the AD of the most common routing protocols; on Cisco routers a directly connected network has an AD of 0 and a static route an AD of 1, which is why a static route overrides anything a dynamic protocol learns.

SPB Shortest path bridging (SPB) is specified by the IEEE 802.1aq standard and is intended to simplify the creation of robust networks by letting a switched (Layer 2) network use all of its links at once, with multiple equal-cost paths, rather than blocking redundant links the way spanning tree does. It will likely eventually supersede spanning tree protocol. Later, in Chapter 2, I will discuss spanning tree protocol. The precise configuration of SPB is beyond the scope of this text and the test.
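As an added Python example (not from the book) that pulls the metric definitions above together: the OSPF cost formula with and without a raised reference bandwidth, the classic EIGRP composite metric (default K values, bandwidth in kbps, delay in microseconds; 28160 and 2169856 are the well-known results for a FastEthernet and a T1 interface), and route selection by administrative distance before metric. The AD values are the Cisco defaults from Table 1.7 plus connected and static; the candidate routes are constructed.

```python
# Cisco default administrative distances (Table 1.7 values plus connected and static).
AD = {"connected": 0, "static": 1, "EIGRP": 90, "OSPF": 110, "IS-IS": 115, "RIPv2": 120}


def ospf_cost(bandwidth_bps, reference_bps=100_000_000):
    """OSPF interface cost = reference bandwidth / interface bandwidth, truncated, minimum 1.
    The Cisco default reference is 10^8 bps, so anything at or above 100 Mbps costs 1."""
    return max(1, reference_bps // bandwidth_bps)


def eigrp_metric(links):
    """Classic EIGRP composite metric with default K values (K1=K3=1, K2=K4=K5=0):
    256 * (10^7 / lowest bandwidth in kbps + sum of delays in tens of microseconds).
    links: list of (bandwidth_kbps, delay_us), one entry per interface along the path."""
    min_bw = min(bw for bw, _ in links)                # the weakest link sets the bandwidth term
    total_delay_tens = sum(d // 10 for _, d in links)  # delay is configured per interface and summed
    return 256 * (10_000_000 // min_bw + total_delay_tens)


def best_route(candidates):
    """Given routes to the same prefix from several sources, pick the one with the lowest AD;
    the metric only breaks ties within the same source.
    candidates: list of (source, metric, next_hop)."""
    return min(candidates, key=lambda c: (AD[c[0]], c[1]))


if __name__ == "__main__":
    for bw in (10_000_000, 100_000_000, 1_000_000_000, 10_000_000_000):
        print(f"{bw:>14} bps: cost {ospf_cost(bw)} (ref 100M) / {ospf_cost(bw, 10_000_000_000)} (ref 10G)")
    fast_ethernet = (100_000, 100)   # 100 Mbps, 100 us
    t1_serial = (1_544, 20_000)      # 1.544 Mbps, 20,000 us
    print("EIGRP FastEthernet:", eigrp_metric([fast_ethernet]))            # 28160
    print("EIGRP T1:", eigrp_metric([t1_serial]))                          # 2169856
    print("EIGRP FE then T1:", eigrp_metric([fast_ethernet, t1_serial]))   # 2172416
    # Static beats OSPF beats RIPv2 regardless of how good the dynamic metrics look.
    print(best_route([("RIPv2", 2, "10.0.0.2"), ("OSPF", 30, "10.0.0.3"), ("static", 0, "10.0.0.4")]))
```

The first loop is the practical point about cost: with the default reference bandwidth, 100 Mbps, 1 Gbps and 10 Gbps are indistinguishable to OSPF.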

Exam Essentials

Know the essentials of routing tables. Routing tables are created when an administrator enters the information manually or when routing protocols share information with each other about known routes. A default route is the catch-all that determines what happens with traffic that is not specified in the routing table. Routers use the most specific matching entry in the routing table to determine where to forward traffic.


Know the different types of routing protocols. RIP and RIPv2 are distance vector routing protocols. RIPv1 is now considered obsolete, but RIPv2 is still used in many small networks. Both of these routing protocols use only hop count for a metric. EIGRP is considered a hybrid routing protocol and uses multiple metrics. In essence, EIGRP is a distance vector routing protocol that acts like a link state routing protocol. EIGRP is proprietary to Cisco. OSPF and IS-IS are link state routing protocols. They are suitable for very large networks because they are very efficient with regard to communications and convergence.

Know routing terminology. An autonomous system is a group of devices (in this case routers) under the same administrative domain. IGPs operate within an autonomous system. EGPs connect autonomous systems. Route redistribution can be used to share information about routes from one routing method or protocol to another, to then be included in its updates. High-availability mechanisms such as VRRP, virtual IP, and HSRP can be used to ensure that a gateway stays reachable even if some physical routers fail. Route aggregation can be used to lessen the load on a router by storing blocks of contiguous networks rather than every individual network.

Know routing metrics. Routing metrics determine which route is believed, which route is placed in the table and advertised, and therefore which route is used to deliver traffic. Hop count is the oldest routing metric and is the one used by RIP and RIPv2. A hop is simply passing through a router into a new network. MTU is the largest packet that can be delivered through a network without breaking it into smaller pieces; it is carried by EIGRP but no longer actually used in its metric. Bandwidth is the lowest configured bandwidth on any interface in the proposed route. Delay is a configured per-interface value that estimates how long it takes to cross the link, summed along the route. Cost is used by OSPF and is the input to Dijkstra's algorithm; it generally represents 10^8 / bandwidth in bps. Latency is similar to delay and represents the amount of time that it takes to complete the operation. Administrative distance indicates the relative trustworthiness of a route's source, with the lowest AD being the most trustworthy.

1.10 Identify the Basic Elements of Unified Communication Technologies

The term unified communication (UC) has become quite the buzzword in today's conferences and expos. We are certainly doing more with our computers, devices, and networks than we were even five years ago. Some of the technologies that have found their way onto our networks include VoIP, video, and other real-time services. We use network methods such as quality of service (QoS) to assure that communication moves smoothly. We've also developed devices that are specialized for these types of services. In this section, I will discuss all of these topics and more.

VoIP and Video If you think about it, it's all come full circle. We started with the telephone in the late 1800s, which carried only voice. This technology remained in place for quite a while. Then we began to add computers to the telephone lines in the late 1970s. After this, many new communication lines were developed (such as T-1, frame relay, ATM, and SONET) to enhance the communication between computers. These new types of communication lines have become very sophisticated and powerful. Now, we have decided that we can achieve great speed and quality advantages for telephones by putting those voice connections onto the sophisticated lines that were first developed for computers. VoIP provides a merging of voice, data, and video technology that allows easy collaboration of information between people for business and personal use. Obviously, it requires a network that supports its bandwidth requirements.

Real-Time Services I wasn't sure what to say about this bullet point until I realized that I actually provide a service using a type of real-time service. Sometimes I teach people all over the world about Cisco networking and VMware virtual servers without ever leaving my house. I just put on a headset so they can hear me and I connect to a central classroom provided by WebEx, Adobe Connect, or some other platform. From there, we can all collaborate on a topic, share whiteboards and PowerPoint slides, and talk or chat about what we are learning. It's an amazing world that we live in! Of course, I'm not the only one doing this; many colleges and other types of schools have decided to use online learning as part of their curriculum. This is only one type of real-time service. Others might include stock reports and management, games, banking, and so on. The most sophisticated of these types of services use a mixture of multicast and unicast transmission to create the experience that makes you think you are actually there, just like my online classes! UC systems also publish presence, the real-time status of each user (available, busy, away, offline), so that others can see whether a person can be reached before calling or messaging.

QoS To provide the quality needed for real-time services, you can configure your network to give that type of traffic an edge over the other traffic that is on the wire at the same time. This quality of service edge can be established at Layer 2 or Layer 3 of the OSI model. There are two marking schemes that you can deploy on your network: DSCP and CoS.

DSCP Differentiated Services Code Point (DSCP) is a mechanism for classifying and managing network traffic. It operates at Layer 3 (Network layer) using a 6-bit code point within the 8-bit Differentiated Services field of the IP header (the remaining 2 bits are used for ECN). Each packet from an application is marked with a class of traffic, and each router on the network is configured to recognize that class. That way, you can determine that one type of traffic has a higher priority than another type. Because any host can write whatever DSCP it likes into its own packets, switches are normally configured to trust markings only on ports facing IP phones, UC servers, and other switches, and to rewrite markings from ordinary user ports to best effort; otherwise a user could mark bulk traffic as voice and jump the queue. The exact classification of each type of traffic is beyond the scope of this text.

COS Class of Service (CoS) is an earlier and less sophisticated method of classifying network traffic. It operates at Layer 2 (Data Link layer) using the 3-bit priority code point in the 802.1Q VLAN tag (originally defined by 802.1p), so there are only eight designations for traffic (0–7), and the marking survives only as far as the next router, where the tag is removed. Network devices such as routers and switches can be configured to recognize the classification of frames and react accordingly so that applications that need more from the network will receive a higher priority; commonly the access switch maps CoS to DSCP on the way in, using the three high-order bits of the DSCP, so that CoS 5 for voice corresponds to DSCP EF (46).
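An added Python example (not from the book) that builds and reads both markings on a constructed frame: the DS byte for EF, the CoS bits inside an 802.1Q tag, the default DSCP-to-CoS mapping, and the edge trust-boundary rewrite described above. The MAC addresses, VLAN 100 and the IPv4 header contents are constructed; the byte layouts follow the IPv4 and 802.1Q specifications.

```python
# DSCP values for the common UC classes (RFC 4594 recommendations).
DSCP_EF = 46     # Expedited Forwarding: voice bearer traffic
DSCP_AF41 = 34   # Assured Forwarding 41: interactive video
DSCP_CS0 = 0     # best effort


def ds_byte(dscp, ecn=0):
    """Build the 8-bit DS field: 6-bit DSCP in the high bits, 2-bit ECN in the low bits."""
    if not 0 <= dscp < 64 or not 0 <= ecn < 4:
        raise ValueError("DSCP must be 0-63 and ECN 0-3")
    return (dscp << 2) | ecn


def dscp_from_ipv4_header(header):
    """The DS field is the second byte of the IPv4 header (after version/IHL)."""
    return header[1] >> 2


def cos_from_dot1q_frame(frame):
    """Read the 3-bit PCP (CoS) from an 802.1Q tag: bytes 12-13 are TPID 0x8100,
    bytes 14-15 are PCP(3) | DEI(1) | VID(12). Returns None for an untagged frame."""
    if frame[12:14] != b"\x81\x00":
        return None
    tci = int.from_bytes(frame[14:16], "big")
    return tci >> 13


def vid_from_dot1q_frame(frame):
    """The 12-bit VLAN ID from the same tag, or None when untagged."""
    if frame[12:14] != b"\x81\x00":
        return None
    return int.from_bytes(frame[14:16], "big") & 0x0FFF


def dscp_to_cos(dscp):
    """Default Layer 3 -> Layer 2 mapping: CoS is the three high-order bits of DSCP, so EF (46) becomes CoS 5."""
    return dscp >> 3


def enforce_trust_boundary(dscp, port_trusted):
    """Edge policy: keep the marking on trusted ports (phones, UC servers, uplinks);
    rewrite anything from an untrusted port to best effort so a host cannot mark its own
    traffic EF and jump the voice queue."""
    return dscp if port_trusted else DSCP_CS0


def build_ipv4_header(dscp, src=b"\x0a\x00\x00\x01", dst=b"\x0a\x00\x00\x02"):
    """Minimal 20-byte IPv4 header with the DS field set (checksum left zero; constructed example)."""
    return (bytes([0x45, ds_byte(dscp)]) + (20).to_bytes(2, "big") + b"\x00\x00\x40\x00"
            + bytes([64, 17]) + b"\x00\x00" + src + dst)


def build_tagged_frame(pcp, vid, payload):
    """Ethernet frame with an 802.1Q tag carrying the given CoS and VLAN, then the IPv4 ethertype."""
    tci = (pcp << 13) | (vid & 0x0FFF)
    return (b"\x01\x00\x5e\x00\x00\x01" + b"\x00\x11\x22\x33\x44\x55"
            + b"\x81\x00" + tci.to_bytes(2, "big") + b"\x08\x00" + payload)


if __name__ == "__main__":
    voice = build_tagged_frame(pcp=5, vid=100, payload=build_ipv4_header(DSCP_EF))
    print("CoS", cos_from_dot1q_frame(voice), "VLAN", vid_from_dot1q_frame(voice),
          "DSCP", dscp_from_ipv4_header(voice[18:]))   # IP header starts after the 18-byte tagged header
    print("EF as DS byte:", hex(ds_byte(DSCP_EF)))      # 0xb8
    print("untrusted EF becomes:", enforce_trust_boundary(DSCP_EF, port_trusted=False))  # 0
```

The 0xB8 value is what you will see in a packet capture's ToS/DS column for voice; if it shows up on a port that should be untrusted, the trust boundary is not where you think it is.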

Devices So if you put it all together, you can use specialized UC servers and applications connected to specially configured UC devices (such as routers and switches with QoS) to connect through your network. In fact, it's even possible to use policy-based routing keyed on DSCP values to send a specific class of traffic to a different UC gateway, thereby giving it a different and perhaps more advantageous route into and out of your network. All of this can combine to provide the performance that you need for the UC application that you are running.

Exam Essentials

Know the basics of unified communication technologies. Simply put, unified communication technologies get more out of our computers and devices by combining the elements of voice, data, and video to allow for more creative information exchange and service rendering. Real-time services such as online classes can be hosted on multiple platforms to provide an experience as close as possible to actually being there. These services generally consume more bandwidth than data-only services, so they require methods to assure a higher priority through your network.

Know the different types of QoS. Quality of service ensures that UC services are treated with a higher priority than other traffic. DSCP works at the Network layer and uses a 6-bit code point to classify traffic. CoS works at the Data Link layer and uses a 3-bit designator in the 802.1Q tag. Both can be set by the application or endpoint and honored by the appropriate network devices so as to allow for prioritized delivery of UC traffic that requires it, provided the network trusts the marking.

1.11 Compare and Contrast Technologies That Support Cloud and Virtualization

Three other buzzwords that get thrown around a lot are the concepts of virtualization, storage area network, and the cloud. Each of these concepts plays a role in the configuration of your datacenter. The trend is all about moving the intelligence and the configuration off of the individual devices and into the software. In this section, I will discuss how each of these three concepts plays a key role in the development of your software defined datacenter (SDDC).

Virtualization There isn't enough time (or paper) to fully cover this topic in this book. I could write an entire book on the subject; in fact, I have written a couple of them! What I want to focus on now is the fact that network devices do not have to exist as hardware in order to function. If you think about it, the functional part of routers, switches, and so on was never the hardware anyway. It has always been the software, together with the application-specific integrated circuits (ASICs) and firmware that implement the same logic in silicon for speed.

Because of this fact, you can use software provided by a virtualization vendor, such as VMware NSX, to create a software networking environment. The virtual machines that use the virtual networking will deliver their workloads to the networking components as normal, because the software components behave the same as their hardware counterparts. Therefore, you can create an entire network of virtual switches, virtual routers, virtual firewalls, and so on. This network can be programmatically controlled without the need to configure multiple hardware devices. This is truly the future of networking.

Storage Area Network In order to realize the SDDC, we must have shared storage between the physical servers that host the virtual servers and virtual network components. This shared storage has historically been created using one of three methods: iSCSI, Fibre Channel, or network-attached storage. In this section, I will briefly discuss each of these technologies. The first two actually use a storage area network (SAN), while the last one is very different.

iSCSI Internet Small Computer Systems Interface (iSCSI) is one of those acronyms that does you no good at all! In fact, it could actually throw you in the wrong direction. What it really is: SCSI block-storage commands carried inside TCP/IP (by default on TCP port 3260), so that a server can use a disk across the network as if it were attached locally. Despite the "Internet" in the name, it is typically used today in server networks (big networks) and within subnet boundaries (intranetworks), on a dedicated storage VLAN. The name comes from its and its predecessor's earlier use, which you don't have to know. iSCSI carries no encryption of its own and its CHAP authentication is optional, so keep the storage network isolated from general traffic and enable CHAP on the targets.

Suffice it to say that iSCSI is a storage transport mechanism that is fast and reliable and can help an organization leverage the network cables, switches, and connections that they already have in place. It is generally used on 10 Gbps networks to leverage bandwidth that is not being used for networking and to move storage sessions with it. If you already have a 10 Gbps network, you can simply install iSCSI host bus adapters (or use the software initiator built into the operating system) on your servers so they can use the network for storage purposes. You may also want to increase the MTU on your network components to 9000 instead of 1500. This is to allow for larger frames, called jumbo frames, used with iSCSI to reduce overhead; the MTU has to be raised on every switch port and interface in the path, or the large frames will be dropped.

Fibre Channel Fibre Channel is another technology that you can use to move data from your SAN. It uses either fiber-optic cables and dedicated Fibre Channel switches or, as Fibre Channel over Ethernet (FCoE), a 10 Gbps Ethernet network with specialized converged network adapters. That's right; you can use Fibre Channel over copper cable. In fact, the "re" spelling was chosen to signal that the technology is not limited to fiber ("er") cables and can run over copper with the appropriate connectors. Fibre Channel uses a special type of addressing called a worldwide name (WWN). Each component (or node) in the Fibre Channel network (or fabric) has its own unique WWN, and the fabric's zoning configuration controls which WWNs are allowed to see each other. The specific configuration of Fibre Channel networks is beyond the scope of this text.

Network Attached Storage I'm not sure why network attached storage (NAS) falls under storage area network in the certification objectives. I can tell you this: they are not the same and are not really even related! NAS is a form of glorified mapped drive in which a client connects to a shared volume to obtain and use data. The NAS server, usually a Unix or Linux server exporting the share over NFS or SMB, provides the access to the volume and is always in the middle. In other words, the client never has its own access to the disk but only to the files that the server provides it. This is referred to as file-level storage, as opposed to the block-level storage a SAN provides, where the client sees a raw disk. Don't get me wrong; this mapped drive can be extremely fast if it's configured properly and can offer a potentially more flexible alternative to a SAN. You can generally put any type of files on a NAS or a SAN.

Cloud Concepts Cloud computing is the delivery of computing resources as a service that can be provided on an as-needed basis wherever and whenever required. It can best be understood by thinking about a utility such as electricity or water. If you connect to the right place with the right device, you can benefit from what comes out of that connection. Major cloud deployment models include public, private, hybrid, and community. Each of these has elements relating to infrastructure as a service (IaaS), software as a service (SaaS), and platform as a service (PaaS). In this section, I will discuss all of these topics and more.

Public The basic idea behind using a public cloud is that you want the storage or com-puter resources right now, you don’t want to create them yourself, and you want to learnfrom someone else’s mistakes. Because of this, you have decided to choose from a variety of offerings from a public cloud vendor such as Amazon Web Services or Microsoft’s Azure. These companies can provide everything from the infrastructure (servers and storage), to the platform (operating systems and drivers to run applications), to the applicationsthemselves. You have but to ask and you can have it very quickly.

Private You can create the platform for your own private cloud using virtualization software from VMware and other companies. The advantage of a private cloud is that you are in complete control and you make all of the decisions. This can also turn into a disadvantage if you don't have experience and are learning from your own mistakes instead of other people's. You are in control of the IaaS, PaaS, and SaaS components of your own system. It may take longer to set up, but it's all yours. It's also possible to have someone else build and manage your private cloud, but that is not the norm.

Hybrid To get the best of both worlds, many organizations are opting for a hybrid design in which they control what they know how to do and let the experts manage what they are not as comfortable managing. For example, an organization might have some applications built, managed, and secured internally, while others are built, managed, and secured by third parties. It's also possible to use the hybrid cloud concept to meet temporary demands or spikes without having to retool to meet the demand. As you can see, many creative alternatives exist for you to manage your IaaS, PaaS, and SaaS.

Community A community cloud is used by a group of organizations from within the same business community that share common concerns such as compliance, security, and so on. Therefore, the costs to create the cloud are spread over a few organizations to save money for each one while still maintaining more control over IaaS, PaaS, and SaaS decisions than with a public cloud.


Exam Essentials

Know the basics of virtualization of network components. The workload that goes onto a virtual switch, virtual router, virtual firewall, and so on is not aware that it's on a virtual network component. Because of this, you can create entire networks using a software product like VMware NSX. This network can be programmatically controlled, without the need to configure multiple hardware devices.

Know the basics of SAN and other storage solutions. Your SDDC requires shared storage. You can obtain shared storage using iSCSI or Fibre Channel over Ethernet to leverage your current copper-based infrastructure. Alternatively, you can use special fiber-optic cables and switches to build a separate infrastructure for storage only. Finally, you can use a Unix or Linux server to host a NAS system that will provide you access to your data.

Know the basics of cloud concepts. Clouds deliver computing resources as a service. There are three main parts of computing that can be delivered as a service: IaaS, SaaS, and PaaS. These infrastructure, software, and platform services can be created and managed in multiple ways, including private, public, hybrid, and community. Your choice of design will be determined by your experience level and the time that you have to devote to creating and managing the computing resources. Private will be more flexible than public or community, since you make all of the decisions, but will take more of your time and resources. Hybrid may offer the best of both worlds.

1.12 Given a Set of Requirements, Implement a Basic Network

Yep, that's the objective, and CompTIA didn't give the list of requirements, so I guess I get to make all of this up! OK, so I'm going to start by listing a set of requirements and limitations in regard to our design, and then we will make intelligent decisions from there. We will also take into account factors such as wired or wireless communications and security considerations. Our goal is to put much of what you have learned in this chapter to work in a real network, even if it's just on paper.

List of Requirements

The network that we will discuss must be able to perform the following functions:

■ Successfully and securely connect six separate departments with 1–30 hosts in each department in the main building.

■ Dynamically assign IP addresses to all clients.

■ Use a private addressing scheme that can also connect to the Internet.


■ Provide for WAN connectivity to two remote locations.

■ Provide monitored web access to employees in all locations.

■ Detect threats to the network and automatically close ports when appropriate.

■ Provide for high availability and high performance for a customized database server system used by the sales department.

■ Leverage an existing 10 Gbps infrastructure for storage and networking.

■ Provide for secure wireless connectivity for users in the main building.

■ Use an easy‐to‐configure‐and‐manage open‐source protocol in the main building network.

Device Types/Requirements

To get started we are going to need a router and some switches, which can handle 10 Gbps bandwidth. We will also need a DHCP server, which could be a separate server or could be configured on the router. In addition, we will need a proxy server and an IPS server to meet the security goals. Also, we will need a load balancer to meet the performance and high-availability goals of our custom database application for sales. In addition, we will need an iSCSI array for storage. Finally, we will need a WAP or two to handle the wireless connections in the main building.

Environment and Equipment Limitations

Most of our installation, configuration, and so on will be in the main building. We will build everything to code and with best practices in mind. For example, we will use plenum cable whenever we are in the plenum to meet that legal standard and make the fire marshal happy. We will build our cables appropriately for straight-through to connect dissimilar devices and crossover to connect similar devices. We will use the appropriate number of switches and other devices so as to meet our requirements and allow for a little growth.

Compatibility, Wireless, and Security Considerations

The network that we will build must be capable of separating six different departments into their own broadcast domains so we can manage them separately from each other. We will use a private addressing structure of 192.168.1.0/27 (a /27 leaves 5 host bits, so 30 usable addresses per subnet, which matches the 1–30 hosts per department). Our networks will be the 0, 32, 64, 96, 128, and 160 subnets. The WAN links to the remote offices will be subnets of the 192 subnet and will therefore be 192.168.1.192/30 and 192.168.1.196/30, since we need only two hosts on each of those links.
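The /27 and /30 carve-up above can be derived rather than memorized. The following Python is an added example, not from the book: it uses the standard library's ipaddress module to build the department and WAN subnets from 192.168.1.0/24 and to check them against the requirements (RFC 1918 space, 30 usable hosts per department, point-to-point WAN links, no overlap). The helper mask_for_subnets answers the general "how many subnets from a given block" question as well, for example the Class B, eight-subnet case in the review questions at the end of the chapter. The department names and the gateway-is-first-address convention are assumptions made for the illustration.

```python
"""Address plan for the six-department design, built with the standard library.

Added example (not from the book): carves 192.168.1.0/24 into the /27 department
subnets and /30 WAN links described in the text and checks the result against the
requirements. Department names are assumed for illustration.
"""
import math
from ipaddress import IPv4Network

SITE = IPv4Network("192.168.1.0/24")  # the private block chosen in the design
DEPARTMENTS = ["Sales", "Engineering", "Support", "Finance", "HR", "Ops"]  # assumed names
REMOTE_OFFICES = 2
HOSTS_PER_DEPARTMENT = 30


def prefix_for_hosts(hosts: int) -> int:
    """Longest IPv4 prefix whose usable host count (2**bits - 2) covers `hosts`."""
    bits = 2
    while 2 ** bits - 2 < hosts:
        bits += 1
    return 32 - bits


def mask_for_subnets(base_cidr: str, count: int) -> str:
    """Dotted netmask that splits `base_cidr` into at least `count` equal subnets
    (the Class B, eight-subnets calculation: 255.255.0.0 needs 3 more bits)."""
    base = IPv4Network(base_cidr)
    new_prefix = base.prefixlen + math.ceil(math.log2(count))
    return str(IPv4Network((base.network_address, new_prefix)).netmask)


def build_plan(site=SITE, departments=DEPARTMENTS, remote_offices=REMOTE_OFFICES):
    """Return {'departments': {name: network}, 'wan': [link, ...], 'spare': [network, ...]}."""
    dept_prefix = prefix_for_hosts(HOSTS_PER_DEPARTMENT)  # 30 hosts -> /27
    blocks = list(site.subnets(new_prefix=dept_prefix))   # eight /27s in a /24
    if len(blocks) < len(departments) + 1:
        raise ValueError("site block too small for the departments plus a WAN block")
    dept_nets = dict(zip(departments, blocks))
    wan_block = blocks[len(departments)]                  # the .192/27, reserved for WAN links
    link_prefix = prefix_for_hosts(2)                     # two ends per link -> /30
    wan_links = list(wan_block.subnets(new_prefix=link_prefix))[:remote_offices]
    return {"departments": dept_nets, "wan": wan_links, "spare": blocks[len(departments) + 1:]}


def check_plan(plan, hosts_per_dept=HOSTS_PER_DEPARTMENT) -> bool:
    """Verify the design requirements: RFC 1918 space, enough hosts, no overlap."""
    nets = list(plan["departments"].values()) + plan["wan"] + plan["spare"]
    if not all(n.is_private for n in nets):
        raise ValueError("every subnet must be RFC 1918 private space")
    if not all(n.num_addresses - 2 >= hosts_per_dept for n in plan["departments"].values()):
        raise ValueError("a department subnet cannot hold the required hosts")
    if not all(n.num_addresses - 2 == 2 for n in plan["wan"]):
        raise ValueError("WAN links should be point-to-point /30s")
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"{a} overlaps {b}")
    return True


def gateway(net: IPv4Network) -> str:
    """Convention assumed here: the first usable address of each subnet is the router interface."""
    return str(net[1])


if __name__ == "__main__":
    plan = build_plan()
    check_plan(plan)
    for name, net in plan["departments"].items():
        print(f"{name:12} {net}  gateway {gateway(net)}  hosts {net[2]}-{net[-2]}")
    for link in plan["wan"]:
        print(f"WAN link     {link}  ends {[str(h) for h in link.hosts()]}")
    print("spare:", [str(s) for s in plan["spare"]])
```

Running it prints the six department subnets with their gateways, the two /30 WAN links, and the one spare /27 (192.168.1.224/27) left for growth, which is the "allow for a little growth" requirement made visible. The overlap and private-space checks are the ones worth keeping in a real change process: an address plan that is edited by hand over a few years is exactly where overlapping scopes and accidentally public ranges creep in.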

The client addresses will be obtained through a DHCP server that will have the scopes listed for each of the clients. We will use a DHCP relay agent in each subnet that does not contain the DHCP server (normally the router interface for that subnet, which forwards the client's broadcast discover to the server's unicast address) so the client can obtain an appropriate address dynamically. In addition, we will use the DHCP server to configure the clients with the address of the proxy server to be used for monitored Internet access. Because a DHCP-supplied proxy setting is only advice to the client, the router should also permit outbound web traffic only from the proxy itself, so that a host that ignores the setting cannot bypass the monitoring. Also, we will configure an IPS to close connections when inappropriate anomalies are detected in the network traffic.
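The "detect threats and automatically close ports" requirement is what the IPS in this design is for. The following Python is an added example, not from the book or from any IPS product: it replays a constructed set of connection records of the kind a sensor on the router would see, flags a source that touches more than a threshold of distinct ports on one host inside a sliding time window (the classic port-scan signature), and emits a block decision for that source. The thresholds, addresses and records are assumed; in a real deployment the block action would be pushed to the router's ACL or the offending switch port rather than printed.

```python
"""Port-scan detection with automatic blocking, in the style of the IPS from the design.

Added example, not from the book: replays constructed connection records (what a sensor
on the router would see), flags any source that touches more than SCAN_PORT_THRESHOLD
distinct destination ports on one host within WINDOW_SECONDS, and emits a block decision
for that source. Thresholds, hosts and records are assumed values.
"""
from collections import defaultdict, deque
from dataclasses import dataclass

SCAN_PORT_THRESHOLD = 10   # distinct dst ports from one src to one dst before we act
WINDOW_SECONDS = 5.0       # sliding window for counting


@dataclass(frozen=True)
class Flow:
    ts: float      # seconds since start of capture
    src: str
    dst: str
    dport: int


class ScanDetector:
    """Sliding-window detector: remembers (ts, dport) per (src, dst) pair."""

    def __init__(self, threshold=SCAN_PORT_THRESHOLD, window=WINDOW_SECONDS):
        self.threshold = threshold
        self.window = window
        self._seen = defaultdict(deque)   # (src, dst) -> deque of (ts, dport), oldest first
        self.blocked = set()              # sources we have already acted on

    def observe(self, flow: Flow):
        """Return an action string ('BLOCK <src>') or None."""
        if flow.src in self.blocked:
            return None                     # already enforced; do not repeat the action
        q = self._seen[(flow.src, flow.dst)]
        q.append((flow.ts, flow.dport))
        while q and flow.ts - q[0][0] > self.window:
            q.popleft()                     # expire entries that fell out of the window
        if len({port for _, port in q}) > self.threshold:
            self.blocked.add(flow.src)
            return f"BLOCK {flow.src}"
        return None


def run(flows):
    """Feed flows in time order; return the list of actions taken."""
    det = ScanDetector()
    return [a for f in sorted(flows, key=lambda f: f.ts) if (a := det.observe(f))]


# Constructed sample: normal Sales traffic to the database server on its SQL port, plus
# one host in the 192.168.1.64/27 subnet sweeping the database server's low ports.
SAMPLE_FLOWS = (
    [Flow(0.5 + i, "192.168.1.10", "192.168.1.140", 1433) for i in range(6)]
    + [Flow(1.0 + i * 0.2, "192.168.1.70", "192.168.1.140", 20 + i) for i in range(15)]
    + [Flow(3.0, "192.168.1.11", "192.168.1.140", 1433)]
)

if __name__ == "__main__":
    for action in run(SAMPLE_FLOWS):
        print(action)
```

Two design points carry over to a real IPS. The count is per source and destination pair with old entries expired, so a server that legitimately talks to many hosts on one port is never flagged, while a single host walking through ports on one target is caught within the window. The block decision is recorded so that a flood of further packets from the same source produces one enforcement action, not one per packet; thresholds are where the false-positive tuning happens, and a monitoring host or vulnerability scanner that is supposed to probe ports belongs on an allow list before the detector, not after it.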

Finally, we will use a router or a switch with VLANs configured to divide the network logically into the segments that we created with the subnetting, one VLAN per department subnet, with the router (or a multilayer switch) routing between them. Also, the switches will be connected to a router configured with PAT for Internet access and to a WAP for wireless access. For wireless security, we will require secure access to the WAP with protocols that we will discuss in the next chapter. Figure 1.44 shows the IP schema of our little network.

FIGURE 1.44 The IP schema of our little network

Site block: 192.168.1.0/24
Router: NAT/PAT, IPS services
WAN links to 2 remote offices: 192.168.1.192/30 and 192.168.1.196/30
WAP: wireless connectivity
6 departments with up to 30 hosts each: 192.168.1.0/27, 192.168.1.32/27, 192.168.1.64/27, 192.168.1.96/27, 192.168.1.128/27, 192.168.1.160/27

Exam Essentials

Understand how to approach a network design. Start with your overall objective. Then, develop a list of requirements in regard to hardware, software, security, performance, and so on. Next, identify the devices that will be needed based on the capabilities of each device. Finally, implement and test the plan for your specific environment with regard to distance limitations for wired and wireless devices.


Review Questions

1. At what two layers of the OSI model does a multilayer switch work? (Choose two.)

A. Layer 2

B. Layer 1

C. Layer 3

D. Layer 4

2. How many bits are used to create an IPv4 address?

A. 8

B. 6

C. 32

D. 64

3. If you have a Class B address with a default subnet mask and you need to create eight subnets, then which of the following subnet masks should you use?

A. 255.255.255.240

B. 255.255.224.0

C. 255.255.240.0

D. 255.240.0.0

4. Which of the following IP addresses are valid only for private IP addressing that is filtered from the Internet? (Choose two.)

A. 10.1.1.1

B. 172.17.255.254

C. 11.1.2.4

D. 193.168.2.1

5. Which two modes of IPsec can be used in a network?

A. Full

B. Partial

C. Tunnel

D. Transport

6. Which tunneling protocol is typically used with IPsec?

A. PPP

B. PPTP

C. L2TP

D. PTP


7. Which type of DNS record is used to resolve a simple hostname to an IPv4 address?

A. MX

B. AAAA

C. CNAME

D. A

8. What protocol pushes data on fiber links at 150 Gbps and is controlled by atomic clocks?

A. SONET

B. ATM

C. Frame relay

D. Fast Ethernet

9. What type of cable consists of an inner core wire and an outer braided wire?

A. UTP

B. STP

C. Single mode fiber

D. Coaxial

10. Which of the following is a system that can provide remote control of industrial equipment?

A. ATM

B. SONET

C. SCADA

D. Frame relay

